Libtiff

Libtiff

261 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2016-3621

  • EPSS 0.68%
  • Veröffentlicht 03.10.2016 16:09:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The LZWEncode function in tif_lzw.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c lzw" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image.

7.5

CVE-2016-3620

Exploit
  • EPSS 0.59%
  • Veröffentlicht 03.10.2016 16:09:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The ZIPEncode function in tif_zip.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c zip" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image.

6.5

CVE-2016-3619

Exploit
  • EPSS 0.92%
  • Veröffentlicht 03.10.2016 16:09:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c none" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image.

7.8

CVE-2016-3991

  • EPSS 0.44%
  • Veröffentlicht 21.09.2016 18:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Heap-based buffer overflow in the loadImage function in the tiffcrop tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image with zero tiles.

7.8

CVE-2016-3990

  • EPSS 0.46%
  • Veröffentlicht 21.09.2016 18:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Heap-based buffer overflow in the horizontalDifference8 function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image to tiffcp.

7.8

CVE-2016-3945

  • EPSS 0.16%
  • Veröffentlicht 21.09.2016 18:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple integer overflows in the (1) cvt_by_strip and (2) cvt_by_tile functions in the tiff2rgba tool in LibTIFF 4.0.6 and earlier, when -b mode is enabled, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a ...

7.8

CVE-2016-3632

  • EPSS 0.26%
  • Veröffentlicht 21.09.2016 18:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image.

6.2

CVE-2016-3186

  • EPSS 0.77%
  • Veröffentlicht 19.04.2016 14:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted GIF file.

6.5

CVE-2015-8784

  • EPSS 1.52%
  • Veröffentlicht 13.04.2016 17:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image, as demonstrated by libtiff5.tif.

5.5

CVE-2015-8683

  • EPSS 0.21%
  • Veröffentlicht 13.04.2016 17:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The putcontig8bitCIELab function in tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a packed TIFF image.