CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0804 – libtiff: out-of-bounds write in extractContigSamplesShifted24bits() in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2023-0804
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds write in the extractContigSamplesShifted24bits function in tools/tiffcrop.c, resulting in a Denial of Service and limited data modification. • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0804.json https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00 https://gitlab.com/libtiff/libtiff/-/issues/497 https://lists.debian.org/debian-lts-announce/2023/02/msg00026.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FBF3UUFSB6NB3NFTQSKOOIZGXJP3T34Z https://security.gentoo.org/glsa/202305-31 https://security.netapp.com/advisory/ntap-20230324-0009 https: • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-48281 – libtiff: heap-based buffer overflow in processCropSelections() in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2022-48281
processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image. A vulnerability was found in libtiff. This vulnerability occurs due to an issue in processCropSelections in the tools/tiffcrop.c function in LibTIFF that has a heap-based buffer overflow (for example, "WRITE of size 307203") via a crafted TIFF image. • https://gitlab.com/libtiff/libtiff/-/commit/d1b6b9c1b3cae2d9e37754506c1ad8f4f7b646b5 https://gitlab.com/libtiff/libtiff/-/issues/488 https://lists.debian.org/debian-lts-announce/2023/01/msg00037.html https://security.gentoo.org/glsa/202305-31 https://security.netapp.com/advisory/ntap-20230302-0004 https://www.debian.org/security/2023/dsa-5333 https://access.redhat.com/security/cve/CVE-2022-48281 https://bugzilla.redhat.com/show_bug.cgi?id=2163606 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 1CVE-2022-3970 – LibTIFF tif_getimage.c TIFFReadRGBATileExt integer overflow
https://notcve.org/view.php?id=CVE-2022-3970
A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tif_getimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53137 https://gitlab.com/libtiff/libtiff/-/commit/227500897dfb07fb7d27f7aa570050e62617e3be https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html https://oss-fuzz.com/download?testcase_id=5738253143900160 https://security.netapp.com/advisory/ntap-20221215-0009 https://support.apple.com/kb/HT213841 https://support.apple.com/kb/HT213843 https://vuldb.com/?id.213549 https://access.redhat.com/security/cve/CVE-2022-3970 https • CWE-189: Numeric Errors CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 1CVE-2022-3597 – libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix
https://notcve.org/view.php?id=CVE-2022-3597
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6826, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191. LibTIFF versión 4.4.0, presenta una escritura fuera de límites en el archivo _TIFFmemcpy en libtiff/tif_unix.c:346 cuando es llamado desde extractImageSection, tools/tiffcrop.c:6826, permitiendo a atacantes causar una denegación de servicio por medio de un archivo tiff diseñado. Para los usuarios que compilan libtiff desde las fuentes, la corrección está disponible con el commit 236b7191 An out-of-bounds write flaw was found in the _TIFFmemcpy function in libtiff/tif_unix.c in the libtiff package. By persuading a victim to open a specially-crafted TIFF image file, a remote attacker could cause a denial of service condition. • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3597.json https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047 https://gitlab.com/libtiff/libtiff/-/issues/413 https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html https://security.netapp.com/advisory/ntap-20230110-0001 https://www.debian.org/security/2023/dsa-5333 https://access.redhat.com/security/cve/CVE-2022-3597 https://bugzilla.redhat.com/show_bug.cgi?id=2142736 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-3598 – libtiff: out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2022-3598
LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b. LibTIFF versión 4.4.0, presenta una escritura fuera de límites en extractContigSamplesShifted24bits en el archivo tools/tiffcrop.c:3604, lo que permite a atacantes causar una denegación de servicio por medio de un archivo tiff diseñado. Para los usuarios que compilan libtiff a partir de las fuentes, la corrección está disponible con el commit cfbb883b An out-of-bounds write flaw was found in the extractContigSamplesShifted24bits function in tools/tiffcrop.c in the libtiff package. By persuading a victim to open a specially-crafted TIFF image file, a remote attacker could cause a denial of service condition. • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3598.json https://gitlab.com/libtiff/libtiff/-/commit/cfbb883bf6ea7bedcb04177cc4e52d304522fdff https://gitlab.com/libtiff/libtiff/-/issues/435 https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html https://security.netapp.com/advisory/ntap-20230110-0001 https://access.redhat.com/security/cve/CVE-2022-3598 https://bugzilla.redhat.com/show_bug.cgi?id=2142738 • CWE-787: Out-of-bounds Write •