16 matches found
Updated libtiff packages fix security vulnerabilities
The TIFFWriteDirectorySec function in tifdirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service assertion failure and application crash via a crafted file, a different vulnerability than CVE-2017-13726. CVE-2018-10963 In LibTIFF 4.0.9, a heap-based buffer overflo...
[SECURITY] [DLA 1377-1] tiff security update
Package : tiff Version : 4.0.2-6+deb7u20 CVE ID : CVE-2018-8905 Debian Bug : 893806 A heap-based buffer overflow was discovered in the LZWDecodeCompat function in tiflzw.c LibTIFF 4.0.9 and earlier. This vulnerability might be leveraged by remote attackers to crash the client via a crafted TIFF L...
CVE-2018-8905
In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tiflzw.c via a crafted TIFF file, as demonstrated by tiff2ps...
LibTIFF 3.8.2 - 'LZWDecodeCompat()' Remote Buffer Underflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/35451/info LibTIFF is prone to a remote buffer-underflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary malicious code in...
LibTIFF - LZWDecodeCompat() Remote Buffer Underflow
LibTIFF - LZWDecodeCompat Remote Buffer Underflow Bugtraq ID: 35451 Class: Boundary Condition Error Published: Jun 21 2009 12:00AM Updated: Nov 12 2009 06:46PM Credit: wololo Vulnerable: Ubuntu Ubuntu Linux 9.04 sparc Ubuntu Ubuntu Linux 9.04 powerpc Ubuntu Ubuntu Linux 9.04 lpia Ubuntu Ubuntu...
SuSE 11 Security Update : libtiff3 (SAT Patch Number 1069)
This update of libtiff fixes a buffer underflow in LZWDecodeCompat. CVE-2009-2285 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell, Inc...
libTIFF: User-assisted execution of arbitrary code
Background libTIFF provides support for reading and manipulating TIFF Tagged Image File Format images. Description Two vulnerabilities have been reported in libTIFF: wololo reported a buffer underflow in the LZWDecodeCompat function CVE-2009-2285. Tielei Wang of ICST-ERCIS, Peking University...
openSUSE Security Update : libtiff3 (libtiff3-1071)
This update of libtiff fixes a buffer underflow in LZWDecodeCompat CVE-2009-2285. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libtiff3-1071. The text description of this plugin is C SUSE...
openSUSE Security Update : libtiff3 (libtiff3-1071)
This update of libtiff fixes a buffer underflow in LZWDecodeCompat CVE-2009-2285. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libtiff3-1071. The text description of this plugin is C SUSE...
libtiff multiple security vulnerabilities
Crash on LZWDecodeCompat. Potantial integer overflows in tiff2rgba and rgb2ycbcr...
LibTIFF TIFF Image Buffer Underflow Vulnerability
LibTIFF is prone to buffer underflow vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DEBIAN-CVE-2009-2285
Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service crash via a crafted TIFF image, a different vulnerability than CVE-2008-2327...
Buffer overflow
Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service crash via a crafted TIFF image, a different vulnerability than CVE-2008-2327...
CVE-2009-2285
CVE-2009-2285 affects libtiff 3.8.2, where a buffer underflow in the LZWDecodeCompat function can allow a context-dependent attacker to cause a denial of service (crash) via a crafted TIFF image. The connected Nessus advisories reference this CVE in relation to libtiff versions around 3.8.x (e.g....
GLSA-200809-07 : libTIFF: User-assisted execution of arbitrary code
The remote host is affected by the vulnerability described in GLSA-200809-07 libTIFF: User-assisted execution of arbitrary code Drew Yao Apple Product Security and Clay Wood reported multiple buffer underflows in the LZWDecode and LZWDecodeCompat functions in tiflzw.c when processing TIFF files...
libTIFF: User-assisted execution of arbitrary code
Background libTIFF provides support for reading and manipulating TIFF Tagged Image File Format images. Description Drew Yao Apple Product Security and Clay Wood reported multiple buffer underflows in the LZWDecode and LZWDecodeCompat functions in tiflzw.c when processing TIFF files. Impact A remo...