CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-7601 – Ubuntu Security Notice USN-3602-1
https://notcve.org/view.php?id=CVE-2017-7601
09 Apr 2017 — LibTIFF 4.0.7 has a "shift exponent too large for 64-bit type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. LibTIFF 4.0.7 tiene un problema de comportamiento de "exponente de cambio excesivamente grande para el tipo long de 64 bits" no definido, lo que podrían permitir a atacantes remotos provocar una denegación de servicio (caída de la aplicación) o posiblemente tener otro im... • http://www.debian.org/security/2017/dsa-3844 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-7602 – Ubuntu Security Notice USN-3602-1
https://notcve.org/view.php?id=CVE-2017-7602
09 Apr 2017 — LibTIFF 4.0.7 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. LibTIFF 4.0.7 tiene un desbordamiento de enteros con signo, lo que podría permitir a atacantes remotos provocar una denegación de servicio (fallo de la aplicación) o posiblemente tener otro impacto no especificado a través de una imagen manipulada. It was discovered that LibTIFF incorrectly handled certain malformed im... • http://www.debian.org/security/2017/dsa-3844 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10266 – Ubuntu Security Notice USN-3602-1
https://notcve.org/view.php?id=CVE-2016-10266
24 Mar 2017 — LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_read.c:351:22. LibTIFF 4.0.7 permite a atacantes remotos provocar una denegación de servicio (error de división por cero y caída de aplicación) a través de una imagen TIFF manipulada, relacionado con libtiff/tif_read.c:351:22. It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into... • http://www.debian.org/security/2017/dsa-3844 • CWE-369: Divide By Zero •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10267 – Ubuntu Security Notice USN-3602-1
https://notcve.org/view.php?id=CVE-2016-10267
24 Mar 2017 — LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8. LibTIFF 4.0.7 permite a atacantes remotos provocar una denegación de servicio (error de división por cero y caída de aplicación) a través de una imagen TIFF manipulada, relacionado con libtiff/tif_ojpeg.c: 816: 8. It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked in... • http://www.debian.org/security/2017/dsa-3844 • CWE-369: Divide By Zero •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10268 – Ubuntu Security Notice USN-3602-1
https://notcve.org/view.php?id=CVE-2016-10268
24 Mar 2017 — tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 78490" and libtiff/tif_unix.c:115:23. tools/tiffcp.c en LibTIFF 4.0.7 permite a los atacantes remotos causar una denegación de servicio (desbordamiento inferior de enteros y lectura inferior de búfer basado en memoria dinámica) o posiblemente tener otro impacto no especificado a t... • http://www.securityfocus.com/bid/97202 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10269 – Ubuntu Security Notice USN-3602-1
https://notcve.org/view.php?id=CVE-2016-10269
24 Mar 2017 — LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6 and 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 512" and libtiff/tif_unix.c:340:2. LibTIFF 4.0.0alfa4, 4.0.0alfa5, 4.0.0alfa6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6 y 4.0. 7 permite a los atacantes remotos causar una denega... • http://www.debian.org/security/2017/dsa-3844 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10270
https://notcve.org/view.php?id=CVE-2016-10270
24 Mar 2017 — LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 8" and libtiff/tif_read.c:523:22. LibTIFF 4.0.7 permite a atacantes remotos provocar una denegación de servicio (sobre lectura de búfer basada en memoria dinámica) o posiblemente tener otro impacto no especificado a través de una imagen TIFF manipulada, relacionado con "READ de tamaño 8" y libtiff/tif_read.c:523:22. • http://www.debian.org/security/2017/dsa-3844 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10271
https://notcve.org/view.php?id=CVE-2016-10271
24 Mar 2017 — tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read and buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 1" and libtiff/tif_fax3.c:413:13. tools/tiffcrop.c en LibTIFF 4.0.7 permite a atacantes remotos provocar una denegación de servicio (sobre lectura de búfer basada en memoria dinámica y desbordamiento de búfer) o posiblemente tener otro impacto no especificado a través de una imagen... • http://www.securityfocus.com/bid/97199 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10272
https://notcve.org/view.php?id=CVE-2016-10272
24 Mar 2017 — LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "WRITE of size 2048" and libtiff/tif_next.c:64:9. LibTIFF 4.0.7 permite a atacantes remotos provocar una denegación de servicio (desbordamiento de búfer basado en memoria dinámica) o posiblemente tener otro impacto no especificado a través de una imagen TIFF manipulada, relacionado con "WRITE de tamaño 2048" y libtiff/tif_next.c:64:9. • http://www.securityfocus.com/bid/97197 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2016-10095 – Debian Security Advisory 3903-1
https://notcve.org/view.php?id=CVE-2016-10095
01 Mar 2017 — Stack-based buffer overflow in the _TIFFVGetField function in tif_dir.c in LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7 and 4.0.8 allows remote attackers to cause a denial of service (crash) via a crafted TIFF file. Desbordamiento de búfer basado en pila en la función _TIFFVGetField en tif_dir.c en LibTIFF versiones 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0... • http://bugzilla.maptools.org/show_bug.cgi?id=2625 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •