Debian DSA-5333-1 : tiff - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5333 advisory. Several buffer overflow, divide by zero or out of bounds read/write vulnerabilities were discovered in tiff, the Tag Image File Format TIFF library and tools, whi...

Denial Of Service

libtiff.so is vulnerable to denial of service DoS attacks. A malicious user is able to cause denial of service conditions via a crafted TIFF file through TIFFVGetField function, resulting in an application crash...

CVE-2022-34526

A stack overflow flaw was found in the TIFFVGetField function of Tiffsplit. This vulnerability allows attackers to cause a denial of service DoS via a crafted TIFF file...

CVE-2022-34526

CVE-2022-34526 affects LibTIFF: a stack overflow in TIFFVGetField in Tiffsplit v4.4.0 can be triggered by processing crafted TIFF files via tiffsplit or tiffcrop, leading to DoS. The Connected documents confirm impact on the libtiff/tools, with advisories and mitigations from multiple vendors (e....

imagemagick:ping_tiff_fuzzer: Stack-buffer-overflow in _TIFFVGetField

Detailed Report: https://oss-fuzz.com/testcase?key=5748561614733312 Project: imagemagick Fuzzing Engine: libFuzzer Fuzz Target: pingtifffuzzer Job Type: libfuzzerasani386imagemagick Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 4 Crash Address: 0xff974750 Crash State: TIFFVGetField...

Denial Of Service (DoS)

libtiff.so is vulnerable to denial of service DoS or remote code execution. It can happen because the attacker can perform Illegal writes by sending a malicious TIFF file to the TIFFVGetField function in tifdirinfo.c. It can also cause a remote code execution if an attacker writes malicious code...

LibTIFF - _TIFFVGetField (tiffsplit) Out-of-Bounds Read Exploit

Exploit for linux platform in category dos / poc Source: http://bugzilla.maptools.org/showbug.cgi?id=2693 On 4.0.7: tiffsplit $FILE ==2007== Invalid read of size 4 ==2007== at 0x40CD1A: TIFFVGetField tifdir.c:1072 ==2007== by 0x41B2C5: TIFFVGetField tifdir.c:1198 ==2007== by 0x41B2C5: TIFFGetFiel...

LibTIFF - _TIFFVGetField (tiffsplit) Out-of-Bounds Read

LibTIFF - TIFFVGetField tiffsplit Out-of-Bounds Read Source: http://bugzilla.maptools.org/showbug.cgi?id=2693 On 4.0.7: tiffsplit $FILE ==2007== Invalid read of size 4 ==2007== at 0x40CD1A: TIFFVGetField tifdir.c:1072 ==2007== by 0x41B2C5: TIFFVGetField tifdir.c:1198 ==2007== by 0x41B2C5:...

CVE-2017-9147

LibTIFF 4.0.7 has an invalid read in the TIFFVGetField function in tifdir.c, which might allow remote attackers to cause a denial of service crash via a crafted TIFF file...

CVE-2017-9147

LibTIFF 4.0.7 has an invalid read in the TIFFVGetField function in tifdir.c, which might allow remote attackers to cause a denial of service crash via a crafted TIFF file...

CVE-2017-9147

LibTIFF 4.0.7 has an invalid read in the TIFFVGetField function in tifdir.c, which might allow remote attackers to cause a denial of service crash via a crafted TIFF file...

Design/Logic Flaw

LibTIFF 4.0.7 has an invalid read in the TIFFVGetField function in tifdir.c, which might allow remote attackers to cause a denial of service crash via a crafted TIFF file...

CVE-2017-9147

LibTIFF 4.0.7 is affected by CVE-2017-9147 due to an invalid read in the _TIFFVGetField function (tif_dir.c). A crafted TIFF file could crash the application (remote denial of service). This detail is corroborated by connected vulnerability listings (e.g., EulerOS/DSA advisories) that describe th...

CVE-2017-9147

LibTIFF 4.0.7 has an invalid read in the TIFFVGetField function in tifdir.c, which might allow remote attackers to cause a denial of service crash via a crafted TIFF file...

CVE-2017-9147

LibTIFF 4.0.7 has an invalid read in the TIFFVGetField function in tifdir.c, which might allow remote attackers to cause a denial of service crash via a crafted TIFF file...