CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-18661 – libtiff: tiff2bw tool failed memory allocation leads to crash
https://notcve.org/view.php?id=CVE-2018-18661
26 Oct 2018 — An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tif_lzw.c. Se ha descubierto un problema en LibTIFF 4.0.9. Hay una desreferencia de puntero NULL en la función LZWDecode en tif_lzw.c. It was discovered that LibTIFF incorrectly handled certain malformed images. • http://bugzilla.maptools.org/show_bug.cgi?id=2819 • CWE-121: Stack-based Buffer Overflow CWE-476: NULL Pointer Dereference •
CVSS: 8.8EPSS: 29%CPEs: 7EXPL: 2CVE-2018-18557 – libtiff 4.0.9 - Decodes Arbitrarily Sized JBIG into a Target Buffer
https://notcve.org/view.php?id=CVE-2018-18557
22 Oct 2018 — LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size, which leads to a tif_jbig.c JBIGDecode out-of-bounds write. LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4. 0.8 y 4.0.9 (con JB... • https://packetstorm.news/files/id/149974 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-17795
https://notcve.org/view.php?id=CVE-2018-17795
30 Sep 2018 — The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 and earlier allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CVE-2017-9935. La función t2p_write_pdf en tiff2pdf.c en LibTIFF versión 4.0.9 y anteriores permite a los atacantes remotos causar una denegación de servicio (desbordamiento del búfer basado en heap y caída de la aplicación) o posiblemente tener otro i... • http://bugzilla.maptools.org/show_bug.cgi?id=2816 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-17100 – libtiff: Integer overflow in multiply_ms in tools/ppm2tiff.c
https://notcve.org/view.php?id=CVE-2018-17100
16 Sep 2018 — An issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file. Se ha descubierto un problema en LibTIFF 4.0.9. Hay un desbordamiento de int32 en multiply_ms en tools ppm2tiff.c que puede provocar una denegación de servicio (cierre inesperado) o, posiblemente, otro tipo de impacto sin especificar mediante un archivo de imagen manipulado. The libtiff packages... • http://bugzilla.maptools.org/show_bug.cgi?id=2810 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2018-17101 – libtiff: Two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c
https://notcve.org/view.php?id=CVE-2018-17101
16 Sep 2018 — An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file. Se ha descubierto un problema en LibTIFF 4.0.9. Hay dos escrituras fuera de límites en cpTags en tools tiff2bw.c y tools pal2rgb.c que pueden provocar una denegación de servicio (cierre inesperado de la aplicación) o, posiblemente, otro tipo de impacto sin espe... • http://bugzilla.maptools.org/show_bug.cgi?id=2807 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 1%CPEs: 6EXPL: 1CVE-2018-17000 – Debian Security Advisory 4670-1
https://notcve.org/view.php?id=CVE-2018-17000
13 Sep 2018 — A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an attacker to cause a denial-of-service through a crafted tiff file. This vulnerability can be triggered by the executable tiffcp. Una desreferencia de puntero NULL en la función _TIFFmemcmp en tif_unix.c (llamado desde TIFFWriteDirectoryTagTransferfunction) en LibTIFF 4.0.9 permite que un atacante provoque una denegación de servicio (DoS) mediante un archivo TIFF... • http://bugzilla.maptools.org/show_bug.cgi?id=2811 • CWE-476: NULL Pointer Dereference •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-16335 – Debian Security Advisory 4349-1
https://notcve.org/view.php?id=CVE-2018-16335
02 Sep 2018 — newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209. El manejo de newoffsets en ChopUpSingleUncompressedStrip en tif_dirread.c en LibTIFF 4.0.9 permite que atacantes remotos provoquen una denegación de servicio (desbordamie... • http://bugzilla.maptools.org/show_bug.cgi?id=2809 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2018-15209 – libtiff: Heap-based buffer overflow in ChopUpSingleUncompressedStrip in tif_dirread.c
https://notcve.org/view.php?id=CVE-2018-15209
08 Aug 2018 — ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. ChopUpSingleUncompressedStrip en tif_dirread.c en LibTIFF 4.0.9 permite que atacantes remotos provoquen una denegación de servicio (desbordamiento de búfer y caída de aplicación basada en memoria dinámica o heap) o, probablemente, provocar cualquie... • http://bugzilla.maptools.org/show_bug.cgi?id=2808 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 12%CPEs: 5EXPL: 1CVE-2018-12900 – libtiff: Heap-based buffer overflow in the cpSeparateBufToContigBuf function resulting in a denial of service or possibly code execution
https://notcve.org/view.php?id=CVE-2018-12900
26 Jun 2018 — Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0beta7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via a crafted TIFF file. Desbordamiento de búfer basado en heap en la función cpSeparateBufToContigBuf en tiffcp.c en LibTIFF versiones 3.9.3, 3.9.4,... • http://bugzilla.maptools.org/show_bug.cgi?id=2798 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 1CVE-2018-10963 – libtiff: reachable assertion in TIFFWriteDirectorySec function in tif_dirwrite.c
https://notcve.org/view.php?id=CVE-2018-10963
10 May 2018 — The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726. La función TIFFWriteDirectorySec() en tif_dirwrite.c en LibTIFF hasta la versión 4.0.9 permite que atacantes remotos provoquen una denegación de servicio (fallo de aserción y cierre inesperado de la aplicación) mediante un archivo manipulado. It was discovered that LibT... • http://bugzilla.maptools.org/show_bug.cgi?id=2795 • CWE-617: Reachable Assertion •