2 results (0.024 seconds)

CVSS: 7.5EPSS: 4%CPEs: 68EXPL: 0

Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1 http://www.idefense.com/application/poi/display?id=173&type=vulnerabilities&flashstatus=true http://www.kb.cert.org/vuls/id/539110 http://www.us-cert.gov/cas/techalerts/TA05-136A.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11175 https: •

CVSS: 4.6EPSS: 0%CPEs: 8EXPL: 0

Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 allows local users to gain privileges via format strings in the argv[0] value. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57627 http://www.ciac.org/ciac/bulletins/o-202.shtml http://www.idefense.com/application/poi/display?id=132&type=vulnerabilities http://www.kb.cert.org/vuls/id/928598 http://www.securityfocus.com/bid/11027 https://exchange.xforce.ibmcloud.com/vulnerabilities/17095 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4030 •