CVSS: 6.5EPSS: 1%CPEs: 1EXPL: 0CVE-2016-5318 – Gentoo Linux Security Advisory 201701-16
https://notcve.org/view.php?id=CVE-2016-5318
09 Jan 2017 — Stack-based buffer overflow in the _TIFFVGetField function in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted tiff. Desbordamiento de búfer basado en pila en la función _TIFFVGetField en libtiff 4.0.6 y versiones anteriores permite a atacantes remotos bloquear la aplicación a través de un tiff manipulado. It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a re... • http://www.openwall.com/lists/oss-security/2016/04/27/6 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5319 – Gentoo Linux Security Advisory 201701-16
https://notcve.org/view.php?id=CVE-2016-5319
09 Jan 2017 — Heap-based buffer overflow in tif_packbits.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted bmp file. Desbordamiento de búfer basado en memoria dinámica en tif_packbits.c en libtiff 4.0.6 y versiones anteriores permite a atacantes remotos bloquear la aplicación a través de un archivo bmp manipulado. Multiple vulnerabilities have been found in libTIFF, the worst of which may allow execution of arbitrary code. Versions less than 4.0.7 are affected. • http://www.openwall.com/lists/oss-security/2016/04/27/6 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-5321 – Gentoo Linux Security Advisory 201701-16
https://notcve.org/view.php?id=CVE-2016-5321
09 Jan 2017 — The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service (invalid read and crash) via a crafted tiff image. La función DumpModeDecode en libtiff 4.0.6 y versiones anteriores permite a atacantes provocar una denegación de servicio (lectura no válida y caída) a través de una imagen tiff manipulada. It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote... • http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00017.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-5322 – Gentoo Linux Security Advisory 201701-16
https://notcve.org/view.php?id=CVE-2016-5322
09 Jan 2017 — The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. La función setByteArray en tif_dir.c en libtiff 4.0.6 y versiones anteriores permite a los atacantes remotos provocar una denegación de servicio (fuera de los límites de lectura) a través de una imagen tiff manipulada. It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into ... • http://www.debian.org/security/2017/dsa-3762 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2016-5323 – Gentoo Linux Security Advisory 201701-16
https://notcve.org/view.php?id=CVE-2016-5323
09 Jan 2017 — The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted Tiff image. La función _TIFFFax3fillruns en libtiff en versiones anteriores a 4.0.6 permite a atacantes remotos provocar una denegación de servicio (error de división por cero y caída de aplicación) a través de una imagen Tiff manipulada. It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system... • http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00017.html • CWE-369: Divide By Zero •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5102 – Gentoo Linux Security Advisory 201701-16
https://notcve.org/view.php?id=CVE-2016-5102
09 Jan 2017 — Buffer overflow in the readgifimage function in gif2tiff.c in the gif2tiff tool in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (segmentation fault) via a crafted gif file. Desbordamiento de búfer en la función readgifimage de gif2tiff.c en la herramienta gif2tiff en LibTIFF 4.0.6 permite a atacantes remotos provocar una denegación de servicio (fallo de segmentación) a través de un archivo gif manipulado It was discovered that LibTIFF incorrectly handled certain malformed images. If a ... • http://bugzilla.maptools.org/show_bug.cgi?id=2552 • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6223 – Gentoo Linux Security Advisory 201701-16
https://notcve.org/view.php?id=CVE-2016-6223
09 Jan 2017 — The TIFFReadRawStrip1 and TIFFReadRawTile1 functions in tif_read.c in libtiff before 4.0.7 allows remote attackers to cause a denial of service (crash) or possibly obtain sensitive information via a negative index in a file-content buffer. Las funciones TIFFReadRawStrip1 y TIFFReadRawTile1 en tif_read.c en libtiff en versiones anteriores a 4.0.7 permite a atacantes remotos provocar una denegación de servicio (caída) o posiblemente obtener información sensible a través de un índice negativo en un búfer de co... • http://libtiff.maptools.org/v4.0.7.html • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9273 – Gentoo Linux Security Advisory 201701-16
https://notcve.org/view.php?id=CVE-2016-9273
09 Jan 2017 — tiffsplit in libtiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file, related to changing td_nstrips in TIFF_STRIPCHOP mode. tiffsplit en libtiff 4.0.6 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de un archivo manipulado, relacionado con el cambio de td_nstrips en el modo TIFF_STRIPCHOP. It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tric... • http://bugzilla.maptools.org/show_bug.cgi?id=2587 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9297 – Gentoo Linux Security Advisory 201701-16
https://notcve.org/view.php?id=CVE-2016-9297
09 Jan 2017 — The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII tag values. La función TIFFFetchNormalTag en LibTiff 4.0.6 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de valores de etiqueta TIFF_SETGET_C16ASCII o TIFF_SETGET_C32_ASCII manipulados. It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or a... • http://bugzilla.maptools.org/show_bug.cgi?id=2590 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2016-9448 – Gentoo Linux Security Advisory 201701-16
https://notcve.org/view.php?id=CVE-2016-9448
09 Jan 2017 — The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by setting the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9297. La función TIFFFetchNormalTag en LibTiff 4.0.6 permite a atacantes remotos provocar una denegación de servicio (referencia a puntero NULL y caída) estableciendo las etiquetas TIFF_SETGET_C16... • http://bugzilla.maptools.org/show_bug.cgi?id=2593 • CWE-476: NULL Pointer Dereference •