Astra Linux - уязвимость в tiff

LibTIFF 4.4.0 contains an out-of-bounds read vulnerability in tiffcrop, located at line 368 of libtiff/tifunix.c. This vulnerability is invoked by lines 2903 and 6921 in tools/tiffcrop.c. This allows attackers to cause a denial-of-service attack through a crafted TIF file. For users who compile...

libtiff: heap buffer overflow in extractImageSection

A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other...

CVE-2021-34299

A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The Tiffloader.dll library in affected applications lacks proper validation of user-supplied data when parsing TIFF files. This could result in an out of bounds read past the end of an...

(gif2tiff): GIF LZW decoder missing datasize value check

Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers to cause a denial of service out-of-bounds write via a crafted 1 extension block in a GIF image or 2 GIF raster image to tools/gif2tiff.c or 3 a long filename for a TIFF image to tools/rgb2ycbcr.c. NOTE: vectors 1 and 3 are...

libtiff: use of uninitialized memory in LZW decoder

Multiple buffer underflows in the 1 LZWDecode, 2 LZWDecodeCompat, and 3 LZWDecodeVector functions in tiflzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODECLEAR code...