4 matches found
libtiff: use of uninitialized values crash
The TIFFVStripSize function in tifstrip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service application crash via a crafted TIFF image, related to "downsampled OJPEG input" and possibly related to a compiler...
CVE-2010-2596
The OJPEGPostDecode function in tifojpeg.c in LibTIFF 3.9.0 and 3.9.2, as used in tiff2ps, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted TIFF image, related to "downsampled OJPEG input."...
Input validation
tifgetimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not properly perform vertical flips, which allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted TIFF image, related to "downsampled OJPEG...
Input validation
The TIFFVStripSize function in tifstrip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service application crash via a crafted TIFF image, related to "downsampled OJPEG input" and possibly related to a compiler...