CVE-2005-1544 – LibTiff 3.7.1 - BitsPerSample Tag Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-1544
Stack-based buffer overflow in libTIFF before 3.7.2 allows remote attackers to execute arbitrary code via a TIFF file with a malformed BitsPerSample tag. • https://www.exploit-db.com/exploits/1554 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.3/SCOSA-2006.3.txt ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.34/SCOSA-2005.34.txt http://bugs.gentoo.org/show_bug.cgi?id=91584 http://bugzilla.remotesensing.org/show_bug.cgi?id=843 http://secunia.com/advisories/15320 http://secunia.com/advisories/16872 http://secunia.com/advisories/18289 http://secunia.com/advisories/18943 http://securitytracker.com/id?1013944 h •
CVE-2004-1183
https://notcve.org/view.php?id=CVE-2004-1183
Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF file. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000920 http://marc.info/?l=bugtraq&m=110503635113419&w=2 http://secunia.com/advisories/13728 http://secunia.com/advisories/13776 http://security.gentoo.org/glsa/glsa-200501-06.xml http://www.debian.org/security/2004/dsa-626 http://www.mandriva.com/security/advisories?name=MDKSA-2005:001 http://www.mandriva.com/security/advisories?name=MDKSA-2005:002 http://www.mandriva.com/security/advisories? •
CVE-2004-1308
https://notcve.org/view.php?id=CVE-2004-1308
Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff 3.5.7 and 3.7.0 allows remote attackers to execute arbitrary code via a TIFF file containing a TIFF_ASCII or TIFF_UNDEFINED directory entry with a -1 entry count, which leads to a heap-based buffer overflow. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000920 http://lists.apple.com/archives/security-announce/2005/May/msg00001.html http://secunia.com/advisories/13776 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1 http://www.debian.org/security/2004/dsa-617 http://www.idefense.com/application/poi/display?id=174&type=vulnerabilities http://www.kb.cert.org/vuls/id/125598 http://w •
CVE-2004-1307
https://notcve.org/view.php?id=CVE-2004-1307
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1 http://www.idefense.com/application/poi/display?id=173&type=vulnerabilities&flashstatus=true http://www.kb.cert.org/vuls/id/539110 http://www.us-cert.gov/cas/techalerts/TA05-136A.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11175 https: •
CVE-2004-0929
https://notcve.org/view.php?id=CVE-2004-0929
Heap-based buffer overflow in the OJPEGVSetField function in tif_ojpeg.c for libtiff 3.6.1 and earlier, when compiled with the OJPEG_SUPPORT (old JPEG support) option, allows remote attackers to execute arbitrary code via a malformed TIFF image. • http://www.idefense.com/application/poi/display?id=154&type=vulnerabilities http://www.kb.cert.org/vuls/id/129910 http://www.novell.com/linux/security/advisories/2004_38_libtiff.html https://exchange.xforce.ibmcloud.com/vulnerabilities/17843 •