Libtiff

Libtiff

261 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2013-4232

  • EPSS 1.33%
  • Veröffentlicht 10.09.2013 19:55:11
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in the t2p_readwrite_pdf_image function in tools/tiff2pdf.c in libtiff 4.0.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted TIFF image.

6.8

CVE-2013-4243

  • EPSS 18.71%
  • Veröffentlicht 10.09.2013 19:55:11
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted height and width values in a GIF ...

6.8

CVE-2012-5581

  • EPSS 1.64%
  • Veröffentlicht 04.01.2013 22:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Stack-based buffer overflow in tif_dir.c in LibTIFF before 4.0.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DOTRANGE tag in a TIFF image.

6.8

CVE-2012-4564

Exploit
  • EPSS 27.17%
  • Veröffentlicht 11.11.2012 13:00:58
  • Zuletzt bearbeitet 11.04.2025 00:51:21

ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory...

6.8

CVE-2012-4447

  • EPSS 1.19%
  • Veröffentlicht 28.10.2012 15:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format.

6.8

CVE-2012-3401

  • EPSS 0.92%
  • Veröffentlicht 13.08.2012 20:55:08
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service...

7.5

CVE-2012-2088

  • EPSS 2.98%
  • Veröffentlicht 22.07.2012 17:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Integer signedness error in the TIFFReadDirectory function in tif_dirread.c in libtiff 3.9.4 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a negative tile depth in a tiff ...

6.8

CVE-2012-2113

  • EPSS 1.17%
  • Veröffentlicht 22.07.2012 17:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple integer overflows in tiff2pdf in libtiff before 4.0.2 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.

6.8

CVE-2012-1173

  • EPSS 4.01%
  • Veröffentlicht 04.06.2012 20:55:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the (1) gtTileSeparate or (2) gtStripSeparate function, leading t...

6.8

CVE-2009-5022

Exploit
  • EPSS 16.56%
  • Veröffentlicht 03.05.2011 20:55:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Heap-based buffer overflow in tif_ojpeg.c in the OJPEG decoder in LibTIFF before 3.9.5 allows remote attackers to execute arbitrary code via a crafted TIFF file.