CVSS: 5.0EPSS: 6%CPEs: 1EXPL: 0CVE-2006-0405
https://notcve.org/view.php?id=CVE-2006-0405
The TIFFFetchShortPair function in tif_dirread.c in libtiff 3.8.0 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers a NULL pointer dereference, possibly due to changes in type declarations and/or the TIFFVSetField function. La función TIFFFetchShortPair en tif_dirread.c en libtiff 3.8.0 permite a atacantes remotos causar una denegación de servicio (caída de aplicación) mediante una imagen TIFF artesanal que dispara una desreferencia a puntero NULO, posiblemente debido a cambios en declaraciones de tipos y/o la función TIFFVSetField. • http://bugzilla.remotesensing.org/show_bug.cgi?id=1029 http://bugzilla.remotesensing.org/show_bug.cgi?id=1034 http://secunia.com/advisories/18587 http://secunia.com/advisories/20345 http://www.gentoo.org/security/en/glsa/glsa-200605-17.xml http://www.securityfocus.com/bid/18172 http://www.vupen.com/english/advisories/2006/0302 https://exchange.xforce.ibmcloud.com/vulnerabilities/24275 •
CVSS: 5.0EPSS: 3%CPEs: 3EXPL: 0CVE-2005-2452
https://notcve.org/view.php?id=CVE-2005-2452
libtiff up to 3.7.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image header with a zero "YCbCr subsampling" value, which causes a divide-by-zero error in (1) tif_strip.c and (2) tif_tile.c, a different vulnerability than CVE-2004-0804. libtiff hasta 3.7.0 permite que atacantes remotos causen una denegación de servicio (caída de la aplicación) mediante un encabezamiento de imagen TIFF con un valor cero para "YCbCr subsampling", lo que causa un error de división por cero en (1) tif_strip.c y (2) tif_tile.c, una vulnerabilidad diferente de CVE-2004-0804. • http://secunia.com/advisories/16266 http://secunia.com/advisories/16486 http://www.mandriva.com/security/advisories?name=MDKSA-2005:142 http://www.mandriva.com/security/advisories?name=MDKSA-2005:143 http://www.mandriva.com/security/advisories?name=MDKSA-2005:144 http://www.securityfocus.com/bid/14417 https://bugzilla.ubuntu.com/show_bug.cgi?id=12008 https://usn.ubuntu.com/156-1 •
CVSS: 7.5EPSS: 33%CPEs: 12EXPL: 1CVE-2005-1544 – LibTiff 3.7.1 - BitsPerSample Tag Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-1544
Stack-based buffer overflow in libTIFF before 3.7.2 allows remote attackers to execute arbitrary code via a TIFF file with a malformed BitsPerSample tag. • https://www.exploit-db.com/exploits/1554 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.3/SCOSA-2006.3.txt ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.34/SCOSA-2005.34.txt http://bugs.gentoo.org/show_bug.cgi?id=91584 http://bugzilla.remotesensing.org/show_bug.cgi?id=843 http://secunia.com/advisories/15320 http://secunia.com/advisories/16872 http://secunia.com/advisories/18289 http://secunia.com/advisories/18943 http://securitytracker.com/id?1013944 h •
CVSS: 5.1EPSS: 8%CPEs: 12EXPL: 0CVE-2004-1183
https://notcve.org/view.php?id=CVE-2004-1183
Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF file. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000920 http://marc.info/?l=bugtraq&m=110503635113419&w=2 http://secunia.com/advisories/13728 http://secunia.com/advisories/13776 http://security.gentoo.org/glsa/glsa-200501-06.xml http://www.debian.org/security/2004/dsa-626 http://www.mandriva.com/security/advisories?name=MDKSA-2005:001 http://www.mandriva.com/security/advisories?name=MDKSA-2005:002 http://www.mandriva.com/security/advisories? •
CVSS: 10.0EPSS: 12%CPEs: 10EXPL: 1CVE-2004-1308
https://notcve.org/view.php?id=CVE-2004-1308
Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff 3.5.7 and 3.7.0 allows remote attackers to execute arbitrary code via a TIFF file containing a TIFF_ASCII or TIFF_UNDEFINED directory entry with a -1 entry count, which leads to a heap-based buffer overflow. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000920 http://lists.apple.com/archives/security-announce/2005/May/msg00001.html http://secunia.com/advisories/13776 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1 http://www.debian.org/security/2004/dsa-617 http://www.idefense.com/application/poi/display?id=174&type=vulnerabilities http://www.kb.cert.org/vuls/id/125598 http://w •