11 matches found
[SECURITY] Fedora 42 Update: gdcm-3.0.24-8.fc42
Grassroots DiCoM (GDCM) is a C++ library for DICOM medical files. It supports ACR-NEMA version 1 and 2 (huffman compression is not supported), RAW, JPEG, JPEG 2000, JPEG-LS, RLE and deflated transfer syntax. It comes with a super fast scanner implementation to quickly scan hundreds of DICOM files. It...
Dropbox Lepton Denial of Service Vulnerability
Dropbox Lepton is a set of tools for lossless compression of JPEG format files. A denial of service vulnerability exists in LEPTON Project Dropbox Lepton version 1.2, which can be exploited to launch a denial of service attack by passing a carefully crafted JPEG file to the Lepton image compressi...
openSUSE Security Update : tiff (openSUSE-2017-53)
The tiff library and tools were updated to version 4.0.7 fixing various bug and security issues. - CVE-2014-8127: out-of-bounds read with malformed TIFF image in multiple tools bnc914890 - CVE-2016-9297: tifdirread.c read outside buffer in TIFFPrintField bnc1010161 - CVE-2016-3658: Illegal read i...
LibTIFF TIFF2PDF TIFFTAG_JPEGTABLES Remote Code Execution Vulnerability
Summary An exploitable heap based buffer overflow exists in the handling of TIFF images in LibTIFF’s TIFF2PDF tool. A crafted TIFF document can lead to a heap based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved TIFF file delivered by other means...
Hand to hand teach you how to construct the office exploits EXP(the second period)-bug warning-the black bar safety net
On a period I shared office classic Vulnerability CVE-2012-0158 that demonstrates how a stack-based buffer overflow in the principles of construction to trigger the vulnerability document. The current share of the vulnerability is CVE-2013-3906, is also a typical overflow type office...
Oracle Linux 6 : libtiff (ELSA-2011-0452)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2011-0452 advisory. 3.9.4-1.el60.3 - Add fix for CVE-2009-5022 Resolves: 696143 Tenable has extracted the preceding description block directly from the Oracle Linux security...
XnView < 1.99.1 JPEG Compressed TIFF Image Multiple Header Value Handling Overflow
The version of XnView installed on the remote Windows host is earlier than 1.99.1. It is, therefore, reportedly affected by a heap-based buffer overflow vulnerability. This is due to an error in the handling of TIFF image files having JPEG compression. Specially crafted files of this type can...
Scientific Linux Security Update : libtiff on SL6.x i386/x86_64
A heap-based buffer overflow flaw was found in the way libtiff processed certain TIFF image files that were compressed with the JPEG compression algorithm. An attacker could use this flaw to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff ...
RedHat Update for libtiff RHSA-2011:0452-01
Check for the Version of libtiff OpenVAS Vulnerability Test RedHat Update for libtiff RHSA-2011:0452-01 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
RedHat Update for libtiff RHSA-2011:0452-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Important: Red Hat Security Advisory: libtiff security update
Updated libtiff packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...