Libtiff

Libtiff

258 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2012-4564

Exploit
  • EPSS 23.15%
  • Veröffentlicht 11.11.2012 13:00:58
  • Zuletzt bearbeitet 11.04.2025 00:51:21

ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory...

6.8

CVE-2012-4447

  • EPSS 1.27%
  • Veröffentlicht 28.10.2012 15:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format.

6.8

CVE-2012-3401

  • EPSS 0.91%
  • Veröffentlicht 13.08.2012 20:55:08
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service...

7.5

CVE-2012-2088

  • EPSS 2.98%
  • Veröffentlicht 22.07.2012 17:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Integer signedness error in the TIFFReadDirectory function in tif_dirread.c in libtiff 3.9.4 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a negative tile depth in a tiff ...

6.8

CVE-2012-2113

  • EPSS 1.17%
  • Veröffentlicht 22.07.2012 17:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple integer overflows in tiff2pdf in libtiff before 4.0.2 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.

6.8

CVE-2012-1173

  • EPSS 4.01%
  • Veröffentlicht 04.06.2012 20:55:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the (1) gtTileSeparate or (2) gtStripSeparate function, leading t...

6.8

CVE-2009-5022

Exploit
  • EPSS 16.07%
  • Veröffentlicht 03.05.2011 20:55:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Heap-based buffer overflow in tif_ojpeg.c in the OJPEG decoder in LibTIFF before 3.9.5 allows remote attackers to execute arbitrary code via a crafted TIFF file.

4.3

CVE-2010-4665

  • EPSS 2.31%
  • Veröffentlicht 03.05.2011 20:55:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Integer overflow in the ReadDirectory function in tiffdump.c in tiffdump in LibTIFF before 3.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF file containing a d...

6.8

CVE-2011-1167

  • EPSS 5.53%
  • Veröffentlicht 28.03.2011 16:55:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSamp...

6.8

CVE-2010-3087

  • EPSS 1.79%
  • Veröffentlicht 28.09.2010 18:00:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

LibTIFF before 3.9.2-5.2.1 in SUSE openSUSE 11.3 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted TIFF image.