Libtiff

Libtiff

258 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2015-8782

  • EPSS 1.56%
  • Published 01.02.2016 21:59:02
  • Last modified 12.04.2025 10:46:40

tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds writes) via a crafted TIFF image, a different vulnerability than CVE-2015-8781.

6.5

CVE-2015-8781

  • EPSS 2.09%
  • Published 01.02.2016 21:59:01
  • Last modified 12.04.2025 10:46:40

tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds write) via an invalid number of samples per pixel in a LogL compressed TIFF image, a different vulnerability than CVE-2015-8782.

9.8

CVE-2015-8668

Exploit
  • EPSS 9.72%
  • Published 08.01.2016 19:59:18
  • Last modified 12.04.2025 10:46:40

Heap-based buffer overflow in the PackBitsPreEncode function in tif_packbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a large width field in a BMP image.

9.8

CVE-2015-7554

Exploit
  • EPSS 0.5%
  • Published 08.01.2016 19:59:06
  • Last modified 12.04.2025 10:46:40

The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image.

5

CVE-2014-9330

  • EPSS 1.17%
  • Published 20.01.2015 15:59:04
  • Last modified 12.04.2025 10:46:40

Integer overflow in tif_packbits.c in bmp2tif in libtiff 4.0.3 allows remote attackers to cause a denial of service (crash) via crafted BMP image, related to dimensions, which triggers an out-of-bounds read.

4.3

CVE-2013-4231

  • EPSS 21.41%
  • Published 19.01.2014 17:16:28
  • Last modified 11.04.2025 00:51:21

Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) extension block in a GIF image or (2) GIF raster image to tools/gif2tiff.c or (3) a long filename for a TIFF...

6.8

CVE-2013-4244

  • EPSS 0.65%
  • Published 28.09.2013 19:55:03
  • Last modified 11.04.2025 00:51:21

The LZW decompressor in the gif2tiff tool in libtiff 4.0.3 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted GIF image.

6.8

CVE-2013-4232

  • EPSS 1.67%
  • Published 10.09.2013 19:55:11
  • Last modified 11.04.2025 00:51:21

Use-after-free vulnerability in the t2p_readwrite_pdf_image function in tools/tiff2pdf.c in libtiff 4.0.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted TIFF image.

6.8

CVE-2013-4243

  • EPSS 18.63%
  • Published 10.09.2013 19:55:11
  • Last modified 11.04.2025 00:51:21

Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted height and width values in a GIF ...

6.8

CVE-2012-5581

  • EPSS 1.61%
  • Published 04.01.2013 22:55:02
  • Last modified 11.04.2025 00:51:21

Stack-based buffer overflow in tif_dir.c in LibTIFF before 4.0.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DOTRANGE tag in a TIFF image.