CVE-2012-2088

Integer signedness error in the TIFFReadDirectory function in tifdirread.c in libtiff 3.9.4 and earlier allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a negative tile depth in a tiff image, which triggers an improper conversion betwe...

Integer overflow

Integer signedness error in the TIFFReadDirectory function in tifdirread.c in libtiff 3.9.4 and earlier allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a negative tile depth in a tiff image, which triggers an improper conversion betwe...

CVE-2012-2088

Integer signedness error in the TIFFReadDirectory function in tifdirread.c in libtiff 3.9.4 and earlier allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a negative tile depth in a tiff image, which triggers an improper conversion betwe...

Integer overflow

Multiple integer overflows in tiffgetimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the 1 gtTileSeparate or 2 gtStripSeparate function, leading to a heap-based buffer overflow...

Fedora 14 : libtiff-3.9.4-4.fc14 (2011-3836)

Fix incorrect fix for CVE-2011-0192 Add fix for CVE-2011-1167 Fix buffer overrun in fax decoding CVE-2011-0192 as well as a non-security-critical crash in gif2tiff. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable...

CVE-2011-1167

Heap-based buffer overflow in the thunder aka ThunderScan decoder in tifthunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value...

Fedora 12 : mingw32-libtiff-3.9.4-1.fc12 (2010-10469)

Update to version 3.9.4 which fixes several bugs and some CVE's. See http://www.remotesensing.org/libtiff/v3.9.4.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and forma...

CVE-2010-2482

LibTIFF 3.9.4 and earlier does not properly handle an invalid tdstripbytecount field, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted TIFF file, a different vulnerability than CVE-2010-2443...

Fedora 12 : libtiff-3.9.4-1.fc12 (2010-10333)

Fix numerous crashing bugs, including CVE-2010-1411, CVE-2010-2065, CVE-2010-2067, and CVE-2010-2233 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...

[SECURITY] Fedora 13 Update: libtiff-3.9.4-1.fc13

The libtiff package contains a library of functions for manipulating TIFF Tagged Image File Format image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if yo...