Oracle Linux 10 : libtiff (ELSA-2025-20998)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-20998 advisory. 4.6.0-6.1 - Fix buffer underflow in TIFFReadRGBAImageOriented. - Resolves: RHEL-112524 Tenable has extracted the preceding description block directly from the...

libtiff security update

4.0.3-35.0.1 - fix CVE-2025-8176: prevent skipping first line in tiffdither and tiffmedian tools Orabug: 38658716 - fix CVE-2025-8177: buffer overflow thumbnail setrow Orabug: 38658716 - fix CVE-2025-9900: buffer underflow crash in TIFFReadRGBAImageOriented Orabug: 38658716...

SUSE SLED15 / SLES15 Security Update : tiff (SUSE-SU-2025:3941-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:3941-1 advisory. - CVE-2025-9900: Fixed Write-What-Where in libtiff via TIFFReadRGBAImageOriented bsc1250413. Tenable has extracted the...

SUSE-SU-2025:3961-1 Security update for tiff

This update for tiff fixes the following issues: - CVE-2025-9900: Fixed Write-What-Where in libtiff via TIFFReadRGBAImageOriented bsc1250413...

Oracle Linux 8 : libtiff (ELSA-2025-19276)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-19276 advisory. 4.0.9-35 - fix CVE-2025-9900: buffer underflow crash in TIFFReadRGBAImageOriented RHEL-112533 Tenable has extracted the preceding description block directly fr...

Oracle Linux 10 : libtiff (ELSA-2025-19156)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-19156 advisory. 4.6.0-6.1 - Fix buffer underflow crash in TIFFReadRGBAImageOriented - Resolves: RHEL-112522 Tenable has extracted the preceding description block directly fro...

Oracle Linux 8 : compat-libtiff3 (ELSA-2025-17675)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-17675 advisory. 3.9.4-14 - fix CVE-2025-9900: Write-What-Where via TIFFReadRGBAImageOriented RHEL-112528 Tenable has extracted the preceding description block directly from th...

Write-what-where Condition

Overview Affected versions of this package are vulnerable to Write-what-where Condition in the TIFFReadRGBAImageOriented function while processing paletted images with malformed metadata. TIFF file. An attacker can achieve arbitrary memory write by convincing a user to open a specially crafted TI...

poppler and evince security update

evince 3.28.2-9 - Handle failure from TIFFReadRGBAImageOriented - Resolves: 1717352 poppler 0.26.5-42 - Fix potential integer overflow and check length for negative values - Resolves: 1757283 0.26.5-41 - Ignore dict Length if it is broken - Resolves: 1733026 0.26.5-40 - Fail gracefully if not all...

Debian DLA-1881-1 : evince security update

A few issues were found in the Evince document viewer. CVE-2017-1000159 When printing from DVI to PDF, the dvipdfm tool was called without properly sanitizing the filename, which could lead to a command injection attack via the filename. CVE-2019-11459 The tiffdocumentrender and...

Debian DLA-1882-1 : atril security update

A few issues were found in Atril, the MATE document viewer. CVE-2017-1000159 When printing from DVI to PDF, the dvipdfm tool was called without properly sanitizing the filename, which could lead to a command injection attack via the filename. CVE-2019-11459 The tiffdocumentrender and...

UBUNTU-CVE-2019-11459

The tiffdocumentrender and tiffdocumentgetthumbnail functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented, leading to uninitialized memory use when processing certain TIFF image files...