CVE-2012-4564 – libtiff: Missing return value check in ppm2tiff leading to heap-buffer overflow when reading a tiff file
https://notcve.org/view.php?id=CVE-2012-4564
ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based buffer overflow. ppm2tiff no comprueba el valor devuelto por la función TIFFScanlineSize, lo que permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de una imagen PPM modificada que provoca un desbordamiento de entero, una asignación zero-memory, y un desbordamiento de búfer basado en memoria dinámica. • http://lists.opensuse.org/opensuse-updates/2013-01/msg00076.html http://rhn.redhat.com/errata/RHSA-2012-1590.html http://secunia.com/advisories/51133 http://www.debian.org/security/2012/dsa-2575 http://www.openwall.com/lists/oss-security/2012/11/02/3 http://www.openwall.com/lists/oss-security/2012/11/02/7 http://www.osvdb.org/86878 http://www.securityfocus.com/bid/56372 http://www.ubuntu.com/usn/USN-1631-1 https://bugzilla.redhat.com/show_bug.cgi?i • CWE-122: Heap-based Buffer Overflow •
CVE-2012-4447 – libtiff: Heap-buffer overflow when processing a TIFF image with PixarLog Compression
https://notcve.org/view.php?id=CVE-2012-4447
Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format. Desbordamiento de búfer basado en memoria dinámica en tif_pixarlog.c en libtiff antes de v4.0.3 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) y posiblemente ejecutar código arbitrario a través de una imagen TIFF manipulada utilizando el formato PixarLog Compression. • http://lists.opensuse.org/opensuse-updates/2013-01/msg00076.html http://rhn.redhat.com/errata/RHSA-2012-1590.html http://secunia.com/advisories/49938 http://secunia.com/advisories/51049 http://www.debian.org/security/2012/dsa-2561 http://www.openwall.com/lists/oss-security/2012/09/25/14 http://www.openwall.com/lists/oss-security/2012/09/25/9 http://www.remotesensing.org/libtiff/v4.0.3.html http://www.securityfocus.com/bid/55673 http://www.ubuntu.com/usn • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVE-2012-3401 – (tiff2pdf): Heap-based buffer overflow due to improper initialization of T2P context struct pointer
https://notcve.org/view.php?id=CVE-2012-3401
The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow. La función t2p_read_tiff_init en tiff2pdf (tools/tiff2pdf.c) en libTIFF v4.0.2 y versiones anteriores no inicializa correctamente el puntero de la estructura de contexto T2P en determinadas condiciones de error, lo que permite causar una denegación de servicio (caída de la aplicación) y posiblemente ejecutar código de su elección a atacantes dependientes de contexto a través de una imagen TIFF debidamente modificada que provoca un desbordamiento de búfer basado en memoria dinámica (heap). • http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830 http://lists.opensuse.org/opensuse-updates/2012-08/msg00011.html http://osvdb.org/84090 http://rhn.redhat.com/errata/RHSA-2012-1590.html http://secunia.com/advisories/49938 http://secunia.com/advisories/50007 http://secunia.com/advisories/50726 http://security.gentoo.org/glsa/glsa-201209-02.xml http://www.debian.org/security/2012/dsa-2552 http://www.mandriva.com/security/advisories?name= • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVE-2012-2113 – libtiff: integer overflow in tiff2pdf leading to heap-buffer overflow when reading a tiled tiff file
https://notcve.org/view.php?id=CVE-2012-2113
Multiple integer overflows in tiff2pdf in libtiff before 4.0.2 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow. Múltiples desbordamientos de enteros en tiff2pdf en libtiff anterior a v4.0.2 permite a atacantes remotos causar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de una elaborada imagen TIFF, lo que provoca un desbordamiento de búfer basado en memoria dinámica • http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00010.html http://rhn.redhat.com/errata/RHSA-2012-1054.html http://secunia.com/advisories/49493 http://secunia.com/advisories/49686 http://secunia.com/advisories/50726 http://security.gentoo.org/glsa/glsa-201209-02.xml http://www.debian.org/security/2012/dsa-2552 http://www.mandriva.com/security/advisories?name=MDVSA-2012:101 http://www.remotesensing.org/libtiff/v4.0.2.html http://www.securityfocus.com/bid/ • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •