Libtiff

Libtiff

261 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2018-10963

Exploit
  • EPSS 0.39%
  • Veröffentlicht 10.05.2018 02:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:24

The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726.

6.5

CVE-2018-10801

Exploit
  • EPSS 0.4%
  • Veröffentlicht 08.05.2018 06:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:03

TIFFClientOpen in tif_unix.c in LibTIFF 3.8.2 has memory leaks, as demonstrated by bmp2tiff.

6.5

CVE-2018-10779

Exploit
  • EPSS 0.32%
  • Veröffentlicht 07.05.2018 07:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:02

TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer over-read, as demonstrated by bmp2tiff.

6.5

CVE-2018-10126

Exploit
  • EPSS 0.3%
  • Veröffentlicht 21.04.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:40:53

ijg-libjpeg before 9d, as used in tiff2pdf (from LibTIFF) and other products, does not check for a NULL pointer at a certain place in jpeg_fdct_16x16 in jfdctint.c.

8.8

CVE-2018-8905

Exploit
  • EPSS 0.64%
  • Veröffentlicht 22.03.2018 04:29:00
  • Zuletzt bearbeitet 21.11.2024 04:14:34

In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps.

8.8

CVE-2014-8129

Exploit
  • EPSS 1.46%
  • Veröffentlicht 12.03.2018 02:29:00
  • Zuletzt bearbeitet 21.11.2024 02:18:37

LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the...

6.5

CVE-2014-8130

Exploit
  • EPSS 2.08%
  • Veröffentlicht 12.03.2018 02:29:00
  • Zuletzt bearbeitet 21.11.2024 02:18:37

The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteS...

8.8

CVE-2016-5314

Exploit
  • EPSS 1.1%
  • Veröffentlicht 12.03.2018 02:29:00
  • Zuletzt bearbeitet 21.11.2024 02:54:04

Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated...

6.5

CVE-2018-7456

Exploit
  • EPSS 0.69%
  • Veröffentlicht 24.02.2018 06:29:00
  • Zuletzt bearbeitet 21.11.2024 04:12:10

A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4....

6.5

CVE-2018-5784

Exploit
  • EPSS 0.39%
  • Veröffentlicht 19.01.2018 08:29:00
  • Zuletzt bearbeitet 21.11.2024 04:09:23

In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the TIFFSetDirectory function of tif_dir.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file. This occurs because the declared nu...