Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2016-9297

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service out-of-bounds read via crafted TIFFSETGETC16ASCII or...

7.5CVSS6.8AI score0.06471EPSS
Exploits0References2
Prion
Prion
added 2017/01/27 5:59 p.m.28 views

Null pointer dereference

The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service NULL pointer dereference and crash by setting the tags TIFFSETGETC16ASCII or TIFFSETGETC32ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete fix f...

5CVSS7.5AI score0.06471EPSS
Exploits0References6Affected Software2
CVE
CVE
added 2017/01/18 5:0 p.m.151 views

CVE-2016-9297

The CVE-2016-9297 issue affects LibTIFF, specifically LibTIFF 4.0.6, where the TIFFFetchNormalTag function can be misused with crafted TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII tag values to trigger an out-of-bounds read (denial of service). Related entries note an incomplete fix (CVE-2016-94...

7.5CVSS7.2AI score0.06471EPSS
Exploits0References6Affected Software1
UbuntuCve
UbuntuCve
added 2017/01/18 12:0 a.m.39 views

CVE-2016-9297

The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service out-of-bounds read via crafted TIFFSETGETC16ASCII or TIFFSETGETC32ASCII tag values...

7.5CVSS6.9AI score0.06471EPSS
Exploits0References3
Debian
Debian
added 2017/01/13 3:45 p.m.47 views

[SECURITY] [DSA 3762-1] tiff security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3762-1 [email protected] https://www.debian.org/security/ Laszlo Boszormenyi GCS January 13, 2017 https://www.debian.org/security/faq -...

9.8CVSS8.5AI score0.06471EPSS
Exploits11
Tenable Nessus
Tenable Nessus
added 2017/01/03 12:0 a.m.87 views

SUSE SLED12 / SLES12 Security Update : tiff (SUSE-SU-2016:3301-1)

The tiff library and tools were updated to version 4.0.7 fixing various bug and security issues. - CVE-2014-8127: out-of-bounds read with malformed TIFF image in multiple tools bnc914890 - CVE-2016-9297: tifdirread.c read outside buffer in TIFFPrintField bnc1010161 - CVE-2016-3658: Illegal read i...

7.8CVSS7.2AI score0.06471EPSS
Exploits4References34
OpenVAS
OpenVAS
added 2016/12/08 12:0 a.m.30 views

openSUSE: Security Advisory for tiff (openSUSE-SU-2016:3035-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.05669EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2016/12/07 3:8 p.m.44 views

Security update for tiff (important)

Tiff was updated to version 4.0.7. This update fixes the following issues: libtiff/tifaux.c + Fix crash in TIFFVGetFieldDefaulted when requesting Predictor tag and that the zip/lzw codec is not configured. http://bugzilla.maptools.org/showbug.cgi?id=2591 libtiff/tifcompress.c + Make TIFFNoDecode...

7.5CVSS0.06471EPSS
Exploits5References11
OSV
OSV
added 2016/11/28 12:13 a.m.9 views

MGASA-2016-0405 Updated libtiff packages fix security vulnerability

The updated packages fix: - A regression introduced by the fix for CVE-2016-9297 CVE-2016-9448. - An out-of-bounds Write memcpy and less bound check in tiff2pdf CVE-2016-9453...

7.8CVSS7.6AI score0.04975EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2016/11/23 5:19 p.m.42 views

CVE-2016-9448

The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service NULL pointer dereference and crash by setting the tags TIFFSETGETC16ASCII or TIFFSETGETC32ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete fix f...

7.5CVSS5.3AI score0.06471EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2016/11/23 12:0 a.m.36 views

Debian DLA-716-1 : tiff security update

Multiple memory corruption issues have been identified in libtiff and its associated tools. CVE-2016-9273 Heap buffer overflow in cpStrips. CVE-2016-9297 Read outside buffer in TIFFPrintField. CVE-2016-9532 Heap buffer overflow via writeBufferToSeparateStrips. For Debian 7 'Wheezy', these problem...

7.5CVSS7AI score0.06471EPSS
Exploits0References5
OSV
OSV
added 2016/11/17 11:40 p.m.11 views

MGASA-2016-0388 Updated libtiff packages fix security vulnerability

A read outside of array in tiffsplit or other utilities using TIFFNumberOfStrips CVE-2016-9273. A potential read outside buffer in TIFFPrintField CVE-2016-9297. Multiple uint32 overflows in writeBufferToSeparateStrips, writeBufferToContigTiles and writeBufferToSeparateTiles that could cause heap...

7.5CVSS5.9AI score0.06471EPSS
Exploits0References5
Hacker One
Hacker One
added 2016/11/14 7:35 p.m.48 views

Internet Bug Bounty: libtiff 4.0.6 segfault / read outside of buffer (CVE-2016-9297)

segfault and read outside of buffer in libtiff 4.0.6 and possibly earlier. This library is baked into web browsers used by millions and also devices like the PlayStation Portable and the iPhone. http://bugzilla.maptools.org/showbug.cgi?id=2590 Reported to the vendor on 7 November 2016: ASAN:SIGSE...

5CVSS8AI score0.06471EPSS
Exploits0
Rows per page
Query Builder