CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-3945 – libtiff: out-of-bounds write in the tiff2rgba tool
https://notcve.org/view.php?id=CVE-2016-3945
02 Aug 2016 — Multiple integer overflows in the (1) cvt_by_strip and (2) cvt_by_tile functions in the tiff2rgba tool in LibTIFF 4.0.6 and earlier, when -b mode is enabled, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image, which triggers an out-of-bounds write. Múltiples desbordamientos de entero en las funciones (1) cvt_by_strip y (2) cvt_by_tile en la herramienta tiff2rgba en LibTIFF 4.0.6 y versiones anteriores, cuando está habilitado el modo -b, permiten a ... • http://bugzilla.maptools.org/show_bug.cgi?id=2545 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-3990 – libtiff: out-of-bounds write in horizontalDifference8()
https://notcve.org/view.php?id=CVE-2016-3990
02 Aug 2016 — Heap-based buffer overflow in the horizontalDifference8 function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image to tiffcp. Desbordamiento de búfer basado en memoria dinámica en la función horizontalDifference8 en tif_pixarlog.c en LibTIFF 4.0.6 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (caída) o ejecutar código arbitrario a través de una imagen TIFF man... • http://bugzilla.maptools.org/show_bug.cgi?id=2544 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-3991 – libtiff: out-of-bounds write in loadImage() function
https://notcve.org/view.php?id=CVE-2016-3991
02 Aug 2016 — Heap-based buffer overflow in the loadImage function in the tiffcrop tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image with zero tiles. Desbordamiento de búfer basado en memoria dinámica en la función loadImage en la herramienta tiffcrop en LibTIFF 4.0.6 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (escritura fuera de límites) o ejecutar código arbitrario a ... • http://bugzilla.maptools.org/show_bug.cgi?id=2543 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 1%CPEs: 3EXPL: 0CVE-2015-8784 – libtiff: out-of-bound write in NeXTDecode()
https://notcve.org/view.php?id=CVE-2015-8784
08 Feb 2016 — The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image, as demonstrated by libtiff5.tif. La función NeXTDecode en tif_next.c en LibTIFF permite a atacantes remotos provocar una denegación de servicio (escritura fuera de rango) a través de una imagen TIFF manipulada, según lo demostrado por libtiff5.tif. The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix... • http://bugzilla.maptools.org/show_bug.cgi?id=2508 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 2%CPEs: 3EXPL: 0CVE-2015-8781 – libtiff: invalid assertion
https://notcve.org/view.php?id=CVE-2015-8781
01 Feb 2016 — tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds write) via an invalid number of samples per pixel in a LogL compressed TIFF image, a different vulnerability than CVE-2015-8782. tif_luv.c en libtiff permite a atacantes provocar una denegación de servicio (escritura fuera de rango) a través de un número no válido de muestras por píxel en una imagen TIFF comprimida con LogL, una vulnerabilidad diferente a CVE-2015-8782. The libtiff packages contain a library of functions for m... • http://bugzilla.maptools.org/show_bug.cgi?id=2522#c0 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 1%CPEs: 3EXPL: 0CVE-2015-8782 – libtiff: invalid assertion
https://notcve.org/view.php?id=CVE-2015-8782
01 Feb 2016 — tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds writes) via a crafted TIFF image, a different vulnerability than CVE-2015-8781. tif_luv.c en libtiff permite a atacantes provocar una denegación de servicio (escrituras fuera de rango) a través de una imagen TIFF manipulada, una vulnerabilidad diferente a CVE-2015-8781. The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: Multiple flaws have been discovered in libti... • http://bugzilla.maptools.org/show_bug.cgi?id=2522 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2015-8783 – libtiff: invalid assertion
https://notcve.org/view.php?id=CVE-2015-8783
01 Feb 2016 — tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds reads) via a crafted TIFF image. tif_luv.c en libtiff permite a atacantes provocar una denegación de servicio (lecturas fuera de rango) a través de una imagen TIFF manipulada. The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, poss... • http://bugzilla.maptools.org/show_bug.cgi?id=2522 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 11EXPL: 1CVE-2015-8668 – libtiff: OOB read in bmp2tiff
https://notcve.org/view.php?id=CVE-2015-8668
28 Dec 2015 — Heap-based buffer overflow in the PackBitsPreEncode function in tif_packbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a large width field in a BMP image. Desbordamiento de buffer basado en memoria dinámica en la función PackBitsPreEncode en tif_packbits.c en bmp2tiff en libtiff 4.0.6 y versiones anteriores permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio a través de un campo width... • http://packetstormsecurity.com/files/135080/libtiff-4.0.6-Heap-Overflow.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 1%CPEs: 3EXPL: 0CVE-2014-9655 – libtiff: use of uninitialized memory in putcontig8bitYCbCr21tile and NeXTDecode
https://notcve.org/view.php?id=CVE-2014-9655
30 Mar 2015 — The (1) putcontig8bitYCbCr21tile function in tif_getimage.c or (2) NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff-cvs-1.tif and libtiff-cvs-2.tif. La función (1) putcontig8bitYCbCr21tile en tif_getimage.c o la función (2) NeXTDecode en tif_next.c in LibTIFF permite a atacantes remotos provocar una denegación de servicio (acceso a memoria no inicializada) a través de una image... • http://openwall.com/lists/oss-security/2015/02/07/5 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2014-8128 – Gentoo Linux Security Advisory 201701-16
https://notcve.org/view.php?id=CVE-2014-8128
30 Mar 2015 — LibTIFF prior to 4.0.4, as used in Apple iOS before 8.4 and OS X before 10.10.4 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image. LibTIFF versiones anteriores a 4.0.4, como es usado en Apple iOS versiones anteriores a 8.4 y OS X versiones anteriores a 10.10.4 y otros productos, permite a atacantes remotos causar una denegación de servicio (escritura fuera de límites) por medio de una imagen TIFF diseñada. William Robinet discovered that ... • http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html • CWE-787: Out-of-bounds Write •