Astra Linux – Vulnerability in TIF format

An integer overflow flaw was discovered in libtiff, which resides in the tifgetimage.c file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The greatest threat posed by this vulnerability relates to confidentiality, integrity, and system...

EulerOS Virtualization 2.13.0 : libtiff (EulerOS-SA-2026-2406)

According to the versions of the libtiff packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the...

libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing

A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations,...

Arbitrary File Upload

Overview Affected versions of this package are vulnerable to Arbitrary File Upload through the image decoding process. An attacker can cause the server process to crash by uploading a specially crafted TIFF file that triggers excessive memory allocation. Remediation Upgrade...

libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing

A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations,...

libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing

A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations,...

libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing

A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations,...

Astra Linux - уязвимость в jbigkit

In LibTIFF 4.0.8, there is a memory allocation failure in the tifjbig.c file. A specially crafted TIFF document can cause an abort, leading to a remote denial-of-service attack...

Astra Linux - уязвимость в tiff

LibTIFF 4.4.0 contains an out-of-bounds write vulnerability in tiffcrop, located at line 3609 of tools/tiffcrop.c. This vulnerability allows attackers to cause a denial-of-service attack through a malicious TIF file. For users who compile LibTIFF from source code, the fix is available in the comm...

Astra Linux - уязвимость в tiff

The "Divide By Zero" error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service attack through a crafted TIF file. For users who compile libtiff from source code, the fix is available in the commit f3a5e010...

Astra Linux - уязвимость в tiff

The tiffcrop utility in libtiff has a uint32t underflow, which can lead to out-of-bounds read and write operations. An attacker who provides a crafted file to tiffcrop likely by tricking a user into running tiffcrop with certain parameters could cause a crash or, in some cases, lead to further...

Astra Linux - уязвимость в tiff

A heap buffer overflow in the ExtractImageSection function within the tiffcrop.c file in the libtiff library version 4.3.0 allows attackers to trigger unsafe or out-of-bounds memory access through a crafted TIFF image file. This could lead to application crashes, potential information disclosure,...

Astra Linux - уязвимость в tiff

LibTIFF 4.4.0 contains an out-of-bounds write vulnerability in tiffcrop, located at line 3724 of tools/tiffcrop.c. This vulnerability allows attackers to cause a denial-of-service attack through a malicious TIF file. For users who compile LibTIFF from source code, the fix is available in the comm...

Astra Linux - уязвимость в tiff

LibTIFF 4.4.0 contains an out-of-bounds read in tiffcrop at line 3400 of tools/tiffcrop.c, allowing attackers to cause a denial-of-service attack through a crafted TIF file. For users who compile LibTIFF from source code, the fix is available in the commit afaabc3e...

Astra Linux - уязвимость в tiff

LibTIFF 4.4.0 contains an out-of-bounds read vulnerability in tiffcrop, located at line 3592 of tools/tiffcrop.c. This vulnerability allows attackers to cause a denial-of-service attack through a malicious tiff file. For users who compile LibTIFF from source code, the fix is available in the comm...

Astra Linux - уязвимость в tiff

LibTIFF 4.4.0 contains an out-of-bounds read vulnerability in tiffcrop, located at line 3488 of tools/tiffcrop.c. This vulnerability allows attackers to cause a denial-of-service attack through a malicious tiff file. For users who compile LibTIFF from source code, the fix is available in the comm...

Astra Linux - уязвимость в tiff

LibTIFF 4.4.0 contains an out-of-bounds read vulnerability in the writeSingleSection function located at line 7345 in the tools/tiffcrop.c file. This vulnerability allows attackers to cause a denial-of-service attack through a malicious TIFF file. For users who compile LibTIFF from source code, t...

Astra Linux - уязвимость в tiff

The "Divide By Zero" error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service attack through a crafted TIF file. For users who compile libtiff from source code, the fix is available in the commit f8d0f9aa...

libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing

A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations,...

Alibaba Cloud Linux 3 : 0106: libtiff (ALINUX3-SA-2026:0106)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0106 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-4775: A flaw was found in the libtiff...