19 matches found
MiracleLinux 9 : libtiff-4.4.0-12.el9 (AXSA:2024-8043:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8043:01 advisory. libtiff: infinite loop via a crafted TIFF file (CVE-2022-40090); libtiff: segmentation fault in Fax3Encode in libtiff/tiffax3.c (CVE-2023-3618); libtiff:...
Linux Distros Unpatched Vulnerability : CVE-2023-41175
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service o...
Medium: libtiff
Issue Overview: Multiple potential integer overflow in raw2tiff.c in libtiff = 4.5.1 can allow remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image which triggers a heap-based buffer overflow. (CVE-2023-41175) Affected...
Amazon Linux 2 : libtiff (ALAS-2024-2655)
The version of libtiff installed on the remote host is prior to 4.0.3-35. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2655 advisory. Multiple potential integer overflow in raw2tiff.c in libtiff = 4.5.1 can allow remote attackers to cause a denial of service...
Important: libtiff
Issue Overview: Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other...
ALSA-2024:2289 Moderate: libtiff security update
The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fixes: libtiff: infinite loop via a crafted TIFF file (CVE-2022-40090); libtiff: segmentation fault in Fax3Encode in libtiff/tiffax3.c (CVE-2023-3618); libtiff: integer overflow in tiffcp....
SUSE-SU-2024:0973-1 Security update for tiff
This update for tiff fixes the following issues: - CVE-2023-41175: Fixed potential integer overflow in raw2tiff.c bsc1214686. - CVE-2023-38288: Fixed potential integer overflow in raw2tiff.c bsc1213590. - CVE-2023-40745: Fixed integer overflow in tiffcp.c bsc1214687...
Updated libtiff packages fix security vulnerabilities
LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow. (CVE-2023-40745) A vulnerability was found in libtiff due to...
SUSE-SU-2024:0915-1 Security update for tiff
This update for tiff fixes the following issues: - CVE-2023-41175: Fixed potential integer overflow in raw2tiff.c bsc1214686. - CVE-2023-38288: Fixed potential integer overflow in raw2tiff.c bsc1213590. - CVE-2023-40745: Fixed integer overflow in tiffcp.c bsc1214687. - CVE-2015-8668: Fixed...
Huawei EulerOS: Security Advisory for compat-libtiff3 (EulerOS-SA-2024-1134)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2024-1148)
The remote host is missing an update for the Huawei EulerOS...
[SECURITY] [DSA 5567-1] tiff security update
Debian Security Advisory DSA-5567-1. https://www.debian.org/security/ Aron Xu. November 27, 2023. https://www.debian.org/security/faq ...
CVE-2023-41175 affecting package libtiff for versions less than 4.6.0-1
CVE-2023-41175 affecting package libtiff for versions less than 4.6.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-41175
creationtimestamp | type | source
---|---|---
2023-10-05 22:13:01+00:00 | seen | https://t.me/cibsecurity/71674...
BELL-CVE-2023-41175
Bulletin has no description...
CVE-2023-41175
CVE-2023-41175 affects libtiff: multiple potential integer overflows in raw2tiff.c can cause a heap-based buffer overflow, enabling remote denial of service or potentially arbitrary code execution when processing crafted TIFF images. Public advisories reference libtiff
Medium: libtiff
Issue Overview: Multiple potential integer overflow in raw2tiff.c in libtiff = 4.5.1 can allow remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image which triggers a heap-based buffer overflow. (CVE-2023-41175) Affected...
Amazon Linux 2023 : libtiff, libtiff-devel, libtiff-static (ALAS2023-2023-364)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-364 advisory. LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that...
Debian: Security Advisory (DLA-3513-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...