12 matches found
golang: golang.org/x/image/tiff: golang.org/x/image/tiff: Denial of Service via maliciously crafted TIFF file
A flaw was found in golang.org/x/image/tiff. A remote attacker could exploit this vulnerability by providing a maliciously crafted Tagged Image File Format TIFF file. This could cause the image decoding process to attempt to allocate up to 4 gigabytes GiB of memory. The excessive resource...
EUVD-2023-43873
Malicious code in bioql PyPI...
EUVD-2022-37227
Malicious code in bioql PyPI...
CVE-2021-40700
Adobe Premiere Elements version 2021.2235820 and earlier is affected by a memory corruption vulnerability due to insecure handling of a malicious TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this...
Denial Of Service (DoS)
libtiff.so is vulnerable to Denial Of Service DoS. The vulnerability exists because of an out-of-bounds write in tiffcrop.c, allowing an attacker to cause an application crash through a maliciously crafted tiff file...
CVE-2020-36521
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iCloud for Windows 11.4, iOS 14.0 and iPadOS 14.0, watchOS 7.0, tvOS 14.0, iCloud for Windows 7.21, iTunes for Windows 12.10.9. Processing a maliciously crafted tiff file may lead to a denial-of-service or...
CVE-2022-27530
A maliciously crafted TIF or PICT file in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to write beyond the allocated buffer through Buffer overflow vulnerability. This vulnerability may be exploited to execute arbitrary code...
CVE-2021-40700
Adobe Premiere Elements version 2021.2235820 and earlier is affected by a memory corruption vulnerability due to insecure handling of a malicious TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this...
Denial Of Service (DoS)
libtiff.so is vulnerable to denial of service DoS or remote code execution. It can happen because the attacker can perform Illegal writes by sending a malicious TIFF file to the TIFFVGetField function in tifdirinfo.c. It can also cause a remote code execution if an attacker writes malicious code...
Denial Of Service (DoS)
libtiff.so is vulnerable to denial of service DoS attacks. A malicious user can pass a malicious tiff file that has the BitsPerSample tag set to zero to cause a divide by zero error that can crash the application...
Silicon Graphics LibTIFF Denial of Service Vulnerability (CNVD-2017-04618)
LibTIFF is a library for reading and writing TIFF Tagged Image File Format files from Silicon Graphics, USA. The library contains a number of command-line tools for processing TIFF files. A security vulnerability exists in LibTIFF that could be exploited by remote attackers to submit a special fi...
Important: Red Hat Security Advisory: libtiff security update
Updated libtiff packages that fix various integer overflows are now available. The libtiff package contains a library of functions for manipulating TIFF Tagged Image File Format image format files. iDEFENSE has reported an integer overflow bug that affects libtiff. An attacker who has the ability...