Astra Linux - уязвимость в tiff

A segment fault SEGV flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service...

USN-7707-1: LibTIFF vulnerabilities

It was discovered that LibTIFF incorrectly handled certain memory operations when using tiffmedian tool. An attacker could trick a user into processing a specially crafted tiff image file and potentially use this issue to cause a denial of service. CVE-2025-8176 It was discovered that LibTIFF did...

ALPINE-CVE-2022-4645

LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125...

LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592 allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources the fix is available with commit afaabc3e.

...

SUSE CVE-2017-2870

An exploitable integer overflow vulnerability exists in the tiffimageparse functionality of Gdk-Pixbuf 2.36.6 when compiled with Clang. A specially crafted tiff file can cause a heap-overflow resulting in remote code execution. An attacker can send a file or a URL to trigger this vulnerability...

libtiff: heap-buffer-overflow in TIFFReadRawDataStriped() in tiffinfo.c

A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped function. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow issue and causing a crash that leads to a denial of service...

USN-5619-1 tiff vulnerabilities

It was discovered that LibTIFF was not properly performing the calculation of data that would eventually be used as a reference for bound-checking operations. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu...

libtiff: Memory allocation failure in tiff2rgba

A flaw was found in libtiff. Due to a memory allocation failure in tifread.c, a crafted TIFF file can lead to an abort, resulting in denial of service...

UBUNTU-CVE-2018-15209

ChopUpSingleUncompressedStrip in tifdirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf...

PT-2018-10663 · Little Cms +1 · Little Cms +1

Name of the Vulnerable Software and Affected Versions: Little CMS version 2.9 Description: The issue is related to an out-of-bounds write in the PrecalculatedXFORM function in cmsxform.c in liblcms2.a. This can be triggered via a crafted TIFF file. However, it's noted that the Little CMS develope...