Libtiff

Libtiff

262 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2019-6128

Exploit
  • EPSS 2.34%
  • Veröffentlicht 11.01.2019 05:29:01
  • Zuletzt bearbeitet 21.11.2024 04:45:59

The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb.

6.5

CVE-2018-19210

Exploit
  • EPSS 6.3%
  • Veröffentlicht 12.11.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:57:33

In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service attack, as demonstrated by tiffset.

6.5

CVE-2018-18661

Exploit
  • EPSS 0.17%
  • Veröffentlicht 26.10.2018 14:29:02
  • Zuletzt bearbeitet 21.11.2024 03:56:20

An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tif_lzw.c.

8.8

CVE-2018-18557

Exploit
  • EPSS 23.57%
  • Veröffentlicht 22.10.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:56:09

LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignorin...

8.8

CVE-2018-17795

Exploit
  • EPSS 1.53%
  • Veröffentlicht 30.09.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:54:59

The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 and earlier allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar...

8.8

CVE-2018-17100

  • EPSS 0.3%
  • Veröffentlicht 16.09.2018 21:29:01
  • Zuletzt bearbeitet 21.11.2024 03:53:52

An issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file.

8.8

CVE-2018-17101

  • EPSS 0.54%
  • Veröffentlicht 16.09.2018 21:29:01
  • Zuletzt bearbeitet 21.11.2024 03:53:52

An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.

6.5

CVE-2018-17000

Exploit
  • EPSS 1.21%
  • Veröffentlicht 13.09.2018 16:29:01
  • Zuletzt bearbeitet 21.11.2024 03:53:40

A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an attacker to cause a denial-of-service through a crafted tiff file. This vulnerability can be triggered...

8.8

CVE-2018-16335

  • EPSS 1.92%
  • Veröffentlicht 02.09.2018 03:29:00
  • Zuletzt bearbeitet 21.11.2024 03:52:32

newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIF...

8.8

CVE-2018-15209

Exploit
  • EPSS 0.63%
  • Veröffentlicht 08.08.2018 04:29:00
  • Zuletzt bearbeitet 21.11.2024 03:50:31

ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated...