Libtiff

Libtiff

258 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2018-17795

Exploit
  • EPSS 1.87%
  • Veröffentlicht 30.09.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:54:59

The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 and earlier allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar...

8.8

CVE-2018-17100

  • EPSS 0.37%
  • Veröffentlicht 16.09.2018 21:29:01
  • Zuletzt bearbeitet 21.11.2024 03:53:52

An issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file.

8.8

CVE-2018-17101

  • EPSS 0.57%
  • Veröffentlicht 16.09.2018 21:29:01
  • Zuletzt bearbeitet 21.11.2024 03:53:52

An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.

6.5

CVE-2018-17000

Exploit
  • EPSS 0.93%
  • Veröffentlicht 13.09.2018 16:29:01
  • Zuletzt bearbeitet 21.11.2024 03:53:40

A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an attacker to cause a denial-of-service through a crafted tiff file. This vulnerability can be triggered...

8.8

CVE-2018-16335

  • EPSS 2.29%
  • Veröffentlicht 02.09.2018 03:29:00
  • Zuletzt bearbeitet 21.11.2024 03:52:32

newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIF...

8.8

CVE-2018-15209

Exploit
  • EPSS 0.66%
  • Veröffentlicht 08.08.2018 04:29:00
  • Zuletzt bearbeitet 21.11.2024 03:50:31

ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated...

8.8

CVE-2018-12900

Exploit
  • EPSS 10.81%
  • Veröffentlicht 26.06.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 03:46:03

Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0beta7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 ...

6.5

CVE-2018-10963

Exploit
  • EPSS 0.37%
  • Veröffentlicht 10.05.2018 02:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:24

The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726.

6.5

CVE-2018-10801

Exploit
  • EPSS 0.4%
  • Veröffentlicht 08.05.2018 06:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:03

TIFFClientOpen in tif_unix.c in LibTIFF 3.8.2 has memory leaks, as demonstrated by bmp2tiff.

6.5

CVE-2018-10779

Exploit
  • EPSS 0.64%
  • Veröffentlicht 07.05.2018 07:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:02

TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer over-read, as demonstrated by bmp2tiff.