Libtiff

Libtiff

262 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2018-12900

Exploit
  • EPSS 9.89%
  • Veröffentlicht 26.06.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 03:46:03

Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0beta7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 ...

6.5

CVE-2018-10963

Exploit
  • EPSS 0.13%
  • Veröffentlicht 10.05.2018 02:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:24

The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726.

6.5

CVE-2018-10801

Exploit
  • EPSS 0.41%
  • Veröffentlicht 08.05.2018 06:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:03

TIFFClientOpen in tif_unix.c in LibTIFF 3.8.2 has memory leaks, as demonstrated by bmp2tiff.

6.5

CVE-2018-10779

Exploit
  • EPSS 0.51%
  • Veröffentlicht 07.05.2018 07:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:02

TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer over-read, as demonstrated by bmp2tiff.

6.5

CVE-2018-10126

Exploit
  • EPSS 0.64%
  • Veröffentlicht 21.04.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:40:53

ijg-libjpeg before 9d, as used in tiff2pdf (from LibTIFF) and other products, does not check for a NULL pointer at a certain place in jpeg_fdct_16x16 in jfdctint.c.

8.8

CVE-2018-8905

Exploit
  • EPSS 0.64%
  • Veröffentlicht 22.03.2018 04:29:00
  • Zuletzt bearbeitet 21.11.2024 04:14:34

In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps.

8.8

CVE-2014-8129

Exploit
  • EPSS 1.46%
  • Veröffentlicht 12.03.2018 02:29:00
  • Zuletzt bearbeitet 21.11.2024 02:18:37

LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the...

6.5

CVE-2014-8130

Exploit
  • EPSS 2.08%
  • Veröffentlicht 12.03.2018 02:29:00
  • Zuletzt bearbeitet 21.11.2024 02:18:37

The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteS...

8.8

CVE-2016-5314

Exploit
  • EPSS 1.1%
  • Veröffentlicht 12.03.2018 02:29:00
  • Zuletzt bearbeitet 21.11.2024 02:54:04

Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated...

6.5

CVE-2018-7456

Exploit
  • EPSS 0.66%
  • Veröffentlicht 24.02.2018 06:29:00
  • Zuletzt bearbeitet 21.11.2024 04:12:10

A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4....