19 matches found
Arbitrary Code Execution
libtiff is vulnerable to arbitrary code execution. A heap-based buffer overflow flaw was found in the way libtiff processed certain TIFF Internet Fax image files, compressed with the CCITT Group 4 compression algorithm. An attacker could use this flaw to create a specially-crafted TIFF file that,...
Magecart Group 4: A link with Cobalt Group?
Note: This blog post is a collaboration between the Malwarebytes and HYAS Threat Intelligence teams. Magecart is a term that has become a household name, and it refers to the theft of credit card data via online stores. The most common scenario is for criminals to compromise e-commerce sites by...
Oracle Linux 5 / 6 : libtiff (ELSA-2011-0392)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2011-0392 advisory. - Fix incorrect fix for CVE-2011-0192 Resolves: 688829 Tenable has extracted the preceding description block directly from the Oracle Linux security advisor...
Scientific Linux Security Update : libtiff on SL4.x, SL5.x i386/x86_64
A heap-based buffer overflow flaw was found in the way libtiff processed certain TIFF Internet Fax image files, compressed with the CCITT Group 4 compression algorithm. An attacker could use this flaw to create a specially crafted TIFF file that, when opened, would cause an application linked...
Scientific Linux Security Update : libtiff on SL5.x i386/x86_64
A heap-based buffer overflow flaw was found in the way libtiff processed certain TIFF files encoded with a 4-bit run-length encoding scheme from ThunderScan. An attacker could use this flaw to create a specially crafted TIFF file that, when opened, would cause an application linked against libtif...
Scientific Linux Security Update : libtiff on SL4.x i386/x86_64
A heap-based buffer overflow flaw was found in the way libtiff processed certain TIFF files encoded with a 4-bit run-length encoding scheme from ThunderScan. An attacker could use this flaw to create a specially crafted TIFF file that, when opened, would cause an application linked against libtif...
CentOS Update for libtiff CESA-2011:0318 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Heap overflow
Heap-based buffer overflow in ImageIO in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted TIFF image with CCITT Group 4 encoding...
CVE-2011-0241
CVE-2011-0241: Heap-based buffer overflow in ImageIO used by Apple Safari’s TIFF handling (CCITT Group 4) could allow remote code execution or a denial of service. Affected vendor/product: Apple Safari on macOS with ImageIO before Safari 5.0.6. The underlying issue is a buffer overflow when proce...
CVE-2011-0241
Heap-based buffer overflow in ImageIO in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted TIFF image with CCITT Group 4 encoding...
Debian DSA-2210-1 : tiff - several vulnerabilities
Several vulnerabilities were discovered in the TIFF manipulation and conversion library : - CVE-2011-0191 A buffer overflow allows to execute arbitrary code or cause a denial of service via a crafted TIFF image with JPEG encoding. This issue affects the Debian 5.0 Lenny package only. -...
DSA-2210-1 tiff - several
Bulletin has no description...
Mandriva Linux Security Advisory : libtiff (MDVSA-2011:043)
A buffer overflow was discovered in libtiff which allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted TIFF image with CCITT Group 4 encoding CVE-2011-0192. Additionally it was discovered that the fixes for CVE-2009-2347 and CVE-2010-2065...
RedHat Update for libtiff RHSA-2011:0318-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CVE-2011-0192
Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted TIFF Internet Fax image file tha...
Buffer overflow
Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted TIFF Internet Fax image file tha...
CVE-2011-0192
Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted TIFF Internet Fax image file tha...
Important: Red Hat Security Advisory: libtiff security update
Updated libtiff packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
CVE-2011-0192
Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted TIFF Internet Fax image file tha...