DEBIAN-CVE-2020-18768

There exists one heap buffer overflow in TIFFmemcpy in tifunix.c in libtiff 4.0.10, which allows an attacker to cause a denial-of-service through a crafted tiff file...

The vulnerability of the OpenImageIO image processing library, related to reading data beyond the permissible buffer limits, allows attackers to gain access to confidential data.

The vulnerability of the OpenImageIO image processing library lies in the reading of data beyond the allowed buffer size. Exploiting this vulnerability could allow an attacker to gain access to confidential data through a specially created TIFF file...

CVE-2023-38682

A vulnerability has been identified in JT2Go All versions V14.2.0.5, Teamcenter Visualization V13.2 All versions V13.2.0.14, Teamcenter Visualization V14.1 All versions V14.1.0.10, Teamcenter Visualization V14.2 All versions V14.2.0.5. The affected applications contain an out of bounds read past...

Debian: Security Advisory (DLA-3513-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OESA-2023-1385 libtiff security update

This libtiff provides support for the Tag Image File Format TIFF, a widely used format for storing image data. Security Fixes: loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image.CVE-2023-26965 A NULL pointer dereference in TIFFClose is...

Moderate: Red Hat Security Advisory: libtiff security update

An update for libtiff is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVE-2023-30774

A vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAGINKNAMES and TIFFTAGNUMBEROFINKS values...

libtiff: out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c

An out-of-bounds write flaw was found in the TIFFmemset function in libtiff/tifunix.c in the libtiff package. By persuading a victim to open a specially-crafted TIFF image file, a remote attacker could cause a denial of service condition...

Fedora: Security Advisory for libheif (FEDORA-2023-440c8694e5)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for libheif (FEDORA-2023-e679ea4fa2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for libheif (FEDORA-2023-fd63c401df)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-221-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2008-2327

Multiple buffer underflows in the 1 LZWDecode, 2 LZWDecodeCompat, and 3 LZWDecodeVector functions in tiflzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODECLEAR code...

SUSE CVE-2009-1882

Integer overflow in the XMakeImage function in magick/xwindow.c in ImageMagick 6.5.2-8, and GraphicsMagick, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow. NOTE: some of these details are...

SUSE CVE-2010-2067

Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tifdirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long EXIF SubjectDistance field in a TIFF file...

SUSE CVE-2010-4665

Integer overflow in the ReadDirectory function in tiffdump.c in tiffdump in LibTIFF before 3.9.5 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted TIFF file containing a directory data structure with many directory entri...

SUSE CVE-2011-0191

Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted TIFF image with JPEG encoding...

SUSE CVE-2011-0215

ImageIO in Apple Safari before 5.0.6 on Windows does not properly address re-entrancy issues, which allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted TIFF file...

SUSE CVE-2016-9534

tifwrite.c in libtiff 4.0.6 has an issue in the error code path of TIFFFlushData1 that didn't reset the tifrawcc and tifrawcp members. Reported as MSVR 35095, aka "TIFFFlushData1 heap-buffer-overflow."...

SUSE CVE-2017-2899

An exploitable integer overflow exists in the TIFF loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.tif' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application...