Page 9 of 250 results (0.004 seconds)

CVSS: 7.7EPSS: 0%CPEs: 3EXPL: 2

Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact Múltiples desbordamientos del búfer de la pila en la utilidad tiffcrop.c de libtiff library versión 4.4.0, permiten a un atacante desencadenar un acceso a la memoria no seguro o fuera de límites por medio de un archivo de imagen TIFF diseñado, lo que podría resultar en un bloqueo de la aplicación, una posible divulgación de información o cualquier otro impacto dependiente del contexto A heap-based buffer overflow flaw was found in Libtiff's tiffcrop utility. This issue occurs during the conversion of a TIFF image file, allowing an attacker to pass a crafted TIFF image file to tiffcrop utility, which causes an out-of-bound access resulting an application crash, eventually leading to a denial of service. • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3570.json https://gitlab.com/libtiff/libtiff/-/commit/bd94a9b383d8755a27b5a1bc27660b8ad10b094c https://gitlab.com/libtiff/libtiff/-/issues/381 https://gitlab.com/libtiff/libtiff/-/issues/386 https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html https://security.netapp.com/advisory/ntap-20230203-0002 https://www.debian.org/security/2023/dsa-5333 https://access.redhat.com/security/cve/CVE-2022-3570 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1

LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b. LibTIFF versión 4.4.0, presenta una escritura fuera de límites en extractContigSamplesShifted24bits en el archivo tools/tiffcrop.c:3604, lo que permite a atacantes causar una denegación de servicio por medio de un archivo tiff diseñado. Para los usuarios que compilan libtiff a partir de las fuentes, la corrección está disponible con el commit cfbb883b An out-of-bounds write flaw was found in the extractContigSamplesShifted24bits function in tools/tiffcrop.c in the libtiff package. By persuading a victim to open a specially-crafted TIFF image file, a remote attacker could cause a denial of service condition. • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3598.json https://gitlab.com/libtiff/libtiff/-/commit/cfbb883bf6ea7bedcb04177cc4e52d304522fdff https://gitlab.com/libtiff/libtiff/-/issues/435 https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html https://security.netapp.com/advisory/ntap-20230110-0001 https://access.redhat.com/security/cve/CVE-2022-3598 https://bugzilla.redhat.com/show_bug.cgi?id=2142738 • CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 2

A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow issue and causing a crash that leads to a denial of service. Se ha encontrado un fallo de desbordamiento del búfer de la pila en el archivo tiffinfo.c de Libtiffs, en la función TIFFReadRawDataStriped(). Este defecto permite a un atacante pasar un archivo TIFF diseñado a la herramienta tiffinfo, desencadenando un problema de desbordamiento del búfer de la pila y causando un fallo que conlleva a una denegación de servicio • https://access.redhat.com/security/cve/CVE-2022-1354 https://bugzilla.redhat.com/show_bug.cgi?id=2074404 https://gitlab.com/libtiff/libtiff/-/commit/87f580f39011109b3bb5f6eca13fac543a542798 https://gitlab.com/libtiff/libtiff/-/issues/319 https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html https://security.gentoo.org/glsa/202210-10 https://security.netapp.com/advisory/ntap-20221014-0007 https://www.debian.org/security/2023/dsa-5333 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •

CVSS: 6.6EPSS: 0%CPEs: 10EXPL: 2

A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service. Se ha encontrado un fallo de desbordamiento del búfer de la pila en la función main() del archivo tiffcp.c de Libtiffs. Este defecto permite a un atacante pasar un archivo TIFF diseñado a la herramienta tiffcp, desencadenando un problema de desbordamiento del búfer de la pila, posiblemente corrompiendo la memoria, y causando un fallo que conlleva a una denegación de servicio • https://access.redhat.com/security/cve/CVE-2022-1355 https://bugzilla.redhat.com/show_bug.cgi?id=2074415 https://gitlab.com/libtiff/libtiff/-/issues/400 https://gitlab.com/libtiff/libtiff/-/merge_requests/323 https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html https://security.gentoo.org/glsa/202210-10 https://security.netapp.com/advisory/ntap-20221014-0007 https://www.debian.org/security/2023/dsa-5333 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •

CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 2

There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1 Se presenta una doble liberación o corrupción en la función rotateImage() en el archivo tiffcrop.c:8839 encontrado en libtiff versión 4.4.0rc1 A double-free flaw was found in the tiffcrop tool distributed with the libtiff tools package. The double-free issue leads to a denial of service, impacting the availability. • https://gitlab.com/libtiff/libtiff/-/issues/423 https://gitlab.com/libtiff/libtiff/-/merge_requests/378 https://www.debian.org/security/2023/dsa-5333 https://access.redhat.com/security/cve/CVE-2022-2519 https://bugzilla.redhat.com/show_bug.cgi?id=2122789 • CWE-415: Double Free •