CVE-2020-19143

Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "TIFFVGetField" funtion in the component 'libtiff/tifdir.c'...

CVE-2019-6128

The TIFFFdOpen function in tifunix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb...

CVE-2018-17795

The function t2pwritepdf in tiff2pdf.c in LibTIFF 4.0.9 and earlier allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CVE-2017-9935...

CVE-2018-10801

TIFFClientOpen in tifunix.c in LibTIFF 3.8.2 has memory leaks, as demonstrated by bmp2tiff...

CVE-2017-9935

In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2pwritepdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can lead to an out-of-bounds read in TIFFCleanup, an invalid free in TIFFClose or t2pfree, memory...

CVE-2017-9404

In LibTIFF 4.0.7, a memory leak vulnerability was found in the function OJPEGReadHeaderInfoSecTablesQTable in tifojpeg.c, which allows attackers to cause a denial of service via a crafted file...

CVE-2017-9147

LibTIFF 4.0.7 has an invalid read in the TIFFVGetField function in tifdir.c, which might allow remote attackers to cause a denial of service crash via a crafted TIFF file...

CVE-2017-7595

The JPEGSetupEncode function in tiffjpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted image...

CVE-2016-10266

LibTIFF 4.0.7 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted TIFF image, related to libtiff/tifread.c:351:22...

CVE-2016-10267

LibTIFF 4.0.7 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted TIFF image, related to libtiff/tifojpeg.c:816:8...

CVE-2015-8782

tifluv.c in libtiff allows attackers to cause a denial of service out-of-bounds writes via a crafted TIFF image, a different vulnerability than CVE-2015-8781...

CVE-2015-8783

tifluv.c in libtiff allows attackers to cause a denial of service out-of-bounds reads via a crafted TIFF image...

Updated libtiff package fixes security vulnerabilities

In libtiff, in tifnext.c, a potential out-of-bound write in NeXTDecode triggered by the test case for CVE-2015-1547 maptools bugzilla 2508. In libtiff, in tifgetimage.c, out-of-bound reads in the TIFFRGBAImage interface in case of unsupported values of SamplesPerPixel/ExtraSamples for LogLUV /...

CVE-2014-8128

LibTIFF prior to 4.0.4, as used in Apple iOS before 8.4 and OS X before 10.10.4 and other products, allows remote attackers to cause a denial of service out-of-bounds write via a crafted TIFF image...

CVE-2010-2233

tifgetimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not properly perform vertical flips, which allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted TIFF image, related to "downsampled OJPEG...

DEBIAN-CVE-2008-4987

xastir 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the a /tmp/ldconfig.tmp, b /tmp/ldconf.tmp, and c /tmp/ld.so.conf temporary files, related to the 1 get-maptools.sh and 2 getshapelib.sh scripts...

MapLab MS4W 2.2.1 - Remote File Inclusion

MapLab MS4W 2.2.1 - Remote File Inclusion Bug Found By ka0x D.O.M TEAM we are: anonyph;arp;ka0x;xarnuz Contact: [email protected] FROM SPAIN --- Script: MapLab Version: 2.2.1 Official Site: http://www.maptools.org Download: http://www.maptools.org/dl/ms4w/maplabms4w-2.2.1.zip -- Bug File: params.p...