102 matches found
Null pointer dereference
A NULL pointer dereference flaw was found in Libtiff's LZWDecode function in the libtiff/tiflzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or...
CVE-2023-2731
A NULL pointer dereference flaw was found in Libtiff's LZWDecode function in the libtiff/tiflzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or...
CVE-2023-2731
The CVE-2023-2731 issue is a NULL pointer dereference in Libtiff’s LZWDecode() (libtiff/tif_lzw.c). It allows a local attacker to craft input data to cause a crash or denial of service when decompressing TIFF files. Connected advisories confirm libtiff-related fixes and updated packages (e.g., va...
CVE-2023-2731
A NULL pointer dereference flaw was found in Libtiff's LZWDecode function in the libtiff/tiflzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or...
CVE-2023-2731
A NULL pointer dereference flaw was found in Libtiff's LZWDecode function in the libtiff/tiflzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or...
CVE-2023-2731
A NULL pointer dereference flaw was found in Libtiff's LZWDecode function in the libtiff/tiflzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or...
CVE-2023-2731
A NULL pointer dereference flaw was found in Libtiff's LZWDecode function in the libtiff/tiflzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or...
PT-2023-3429 · Libtiff +7 · Libtiff +7
Name of the Vulnerable Software and Affected Versions: LibTIFF affected versions not specified Description: The issue is related to a NULL pointer dereference flaw in the LZWDecode function, located in the libtiff/tif lzw.c file. This flaw can be exploited by a local attacker who crafts specific...
SUSE CVE-2018-18661
An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tiflzw.c...
SUSE CVE-2022-1623
LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tiflzw.c:624, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa...
SUSE CVE-2022-1622
LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tiflzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa...
Debian DSA-5333-1 : tiff - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5333 advisory. Several buffer overflow, divide by zero or out of bounds read/write vulnerabilities were discovered in tiff, the Tag Image File Format TIFF library and tools, whi...
Amazon Linux 2022 : libtiff, libtiff-devel, libtiff-static (ALAS2022-2022-183)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-183 advisory. Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available wi...
OESA-2022-1728 libtiff security update
This provides support for the Tag Image File Format TIFF, a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats.And contains command-line programs for manipulating TIFF format image files using the libtiff...
Updated libtiff packages fix security vulnerability
Heap-buffer-overflow in TIFFReadRawDataStriped in tiffinfo.c. CVE-2022-1354 Stack-buffer-overflow in tiffcp.c in main. CVE-2022-1355 Out-of-bounds read in LZWDecode. CVE-2022-1622, CVE-2022-1623...
LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:624 allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources the fix is available with commit b4e79bfa.
...
Denial Of Service (DoS)
libtiff.so is vulnerable to denial of service attacks. The vulnerability exists in the LZWDecode function the tiflzw.c which allows a malicious user to cause denial-of-service conditions via an out-of-bounds read through a crafted tiff file...
CVE-2022-1623
An out-of-bounds read vulnerability was found in Libtiff's LZWDecode function in libtiff/tiflzw.c. This flaw allows an attacker to perform a denial-of-service attack via a crafted tiff file, leading to the application crashing...
CVE-2022-1622
An out-of-bounds read vulnerability was found in Libtiff's LZWDecode function in libtiff/tiflzw.c. This flaw allows an attacker to perform a denial-of-service attack via a crafted tiff file, leading to the application crashing...
CVE-2022-1623
LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tiflzw.c:624, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa...