CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10269 – Ubuntu Security Notice USN-3602-1
https://notcve.org/view.php?id=CVE-2016-10269
24 Mar 2017 — LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6 and 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 512" and libtiff/tif_unix.c:340:2. LibTIFF 4.0.0alfa4, 4.0.0alfa5, 4.0.0alfa6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6 y 4.0. 7 permite a los atacantes remotos causar una denega... • http://www.debian.org/security/2017/dsa-3844 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10270
https://notcve.org/view.php?id=CVE-2016-10270
24 Mar 2017 — LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 8" and libtiff/tif_read.c:523:22. LibTIFF 4.0.7 permite a atacantes remotos provocar una denegación de servicio (sobre lectura de búfer basada en memoria dinámica) o posiblemente tener otro impacto no especificado a través de una imagen TIFF manipulada, relacionado con "READ de tamaño 8" y libtiff/tif_read.c:523:22. • http://www.debian.org/security/2017/dsa-3844 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10271
https://notcve.org/view.php?id=CVE-2016-10271
24 Mar 2017 — tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read and buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 1" and libtiff/tif_fax3.c:413:13. tools/tiffcrop.c en LibTIFF 4.0.7 permite a atacantes remotos provocar una denegación de servicio (sobre lectura de búfer basada en memoria dinámica y desbordamiento de búfer) o posiblemente tener otro impacto no especificado a través de una imagen... • http://www.securityfocus.com/bid/97199 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10272
https://notcve.org/view.php?id=CVE-2016-10272
24 Mar 2017 — LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "WRITE of size 2048" and libtiff/tif_next.c:64:9. LibTIFF 4.0.7 permite a atacantes remotos provocar una denegación de servicio (desbordamiento de búfer basado en memoria dinámica) o posiblemente tener otro impacto no especificado a través de una imagen TIFF manipulada, relacionado con "WRITE de tamaño 2048" y libtiff/tif_next.c:64:9. • http://www.securityfocus.com/bid/97197 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2016-10095 – Debian Security Advisory 3903-1
https://notcve.org/view.php?id=CVE-2016-10095
01 Mar 2017 — Stack-based buffer overflow in the _TIFFVGetField function in tif_dir.c in LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7 and 4.0.8 allows remote attackers to cause a denial of service (crash) via a crafted TIFF file. Desbordamiento de búfer basado en pila en la función _TIFFVGetField en tif_dir.c en LibTIFF versiones 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0... • http://bugzilla.maptools.org/show_bug.cgi?id=2625 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2016-10092 – Ubuntu Security Notice USN-3212-1
https://notcve.org/view.php?id=CVE-2016-10092
27 Feb 2017 — Heap-based buffer overflow in the readContigStripsIntoBuffer function in tif_unix.c in LibTIFF 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5 and 4.0.6 allows remote attackers to have unspecified impact via a crafted image. Desbordamiento de búfer basado en Heap en la función readContigStripsIntoBuffer en tif_unix.c en LibTIFF versiones 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4. 0.0a... • http://bugzilla.maptools.org/show_bug.cgi?id=2620 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2016-10093 – Ubuntu Security Notice USN-3212-1
https://notcve.org/view.php?id=CVE-2016-10093
27 Feb 2017 — Integer overflow in tools/tiffcp.c in LibTIFF 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5 and 4.0.6 allows remote attackers to have unspecified impact via a crafted image, which triggers a heap-based buffer overflow. El desbordamiento de enteros en tools/tiffcp.c en LibTIFF versiones 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0. 2, 4.0.3, 4.0.... • http://bugzilla.maptools.org/show_bug.cgi?id=2610 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2016-10094 – Ubuntu Security Notice USN-3212-1
https://notcve.org/view.php?id=CVE-2016-10094
27 Feb 2017 — Off-by-one error in the t2p_readwrite_pdf_image_tile function in tools/tiff2pdf.c in LibTIFF 4.0.7 allows remote attackers to have unspecified impact via a crafted image. Error por un paso en la función t2p_readwrite_pdf_image_tile en tools/tiff2pdf.c en LibTIFF 4.0.7 permite a atacantes remotos tener un impacto no especificado a través de una imagen manipulada. It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially cr... • http://bugzilla.maptools.org/show_bug.cgi?id=2640 • CWE-189: Numeric Errors •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5563 – Gentoo Linux Security Advisory 201709-27
https://notcve.org/view.php?id=CVE-2017-5563
23 Jan 2017 — LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff. LibTIFF versión 4.0.7 es vulnerable a una sobre lectura de bufer basado en memoria dinámica en tif_lzw.c resultando en DoS o ejecución de código a través de una imagen bmp manipulada en tools/bmp2tiff. It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially craft... • http://bugzilla.maptools.org/show_bug.cgi?id=2664 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 2CVE-2017-5225 – Ubuntu Security Notice USN-3212-1
https://notcve.org/view.php?id=CVE-2017-5225
12 Jan 2017 — LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value. LibTIFF en la versión 4.0.7 es vulnerable a un desbordamiento de búfer de memoria dinámica en tools/tiffcp resultando en un DoS o ejecución de código a través de un valor BitsPerSample manipulado. USN-3212-1 fixed several issues in LibTIFF. This update provides a subset of corresponding update for Ubuntu 12.04 ESM. Mei Wang discovered a multiple integer over... • http://bugzilla.maptools.org/show_bug.cgi?id=2656 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •