39 matches found
EUVD-2016-4650
Malware in sbrugna...
EUVD-2016-6267
Malware in sbrugna...
EUVD-2016-4649
Malware in sbrugna...
SUSE CVE-2009-2347
Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large 1 width and 2 height values, which triggers a heap-based buffer overflow in the a cvtwholeimage...
SUSE CVE-2016-3623
The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service divide-by-zero by setting the 1 v or 2 h parameter to 0...
SUSE CVE-2016-3624
The cvtClump function in the rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service out-of-bounds write by setting the "-v" option to -1...
Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2020-1447)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Denial Of Service (DoS) Through Out-Of-Bounds Write
libtiff.so is vulnerable to out-of-bounds write. This is due to an illegal write in the cvtClump function in the rgb2ycbcr tool in rgb2ycbcr.c which allows an attacker to cause a denial of service condition when the parameter v is set to -1...
CVE-2016-5314
Buffer overflow in the PixarLogDecode function in tifpixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer wi...
CVE-2016-5314
CVE-2016-5314 is the LibTIFF vulnerability describing a buffer overflow in PixarLogDecode (tif_pixarlog.c) for LibTIFF 4.0.6 and earlier. The issue allows remote attackers to crash the application or cause possible other impact via a crafted TIFF image, demonstrated by overwriting the vgetparent ...
Design/Logic Flaw
Out-of-bounds read in the PixarLogCleanup function in tifpixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool...
CVE-2016-5316
Out-of-bounds read in the PixarLogCleanup function in tifpixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool...
CVE-2016-5316
Out-of-bounds read in the PixarLogCleanup function in tifpixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool...
CVE-2016-5316
The CVE-2016-5316 entry concerns the LibTIFF library. Affected component: libtiff
CVE-2016-5316
Out-of-bounds read in the PixarLogCleanup function in tifpixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool...
CVE-2016-5316
Out-of-bounds read in the PixarLogCleanup function in tifpixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool...
[SECURITY] [DLA 693-1] tiff security update
Package : tiff Version : 4.0.2-6+deb7u7 CVE ID : CVE-2014-8128 CVE-2015-7554 CVE-2015-8668 CVE-2016-3186 CVE-2016-3619 CVE-2016-3620 CVE-2016-3621 CVE-2016-3631 CVE-2016-3632 CVE-2016-3633 CVE-2016-3634 CVE-2016-5102 CVE-2016-5318 CVE-2016-5319 CVE-2016-5652 CVE-2016-6223 CVE-2016-8331 Debian Bug...
CVE-2016-3624
The cvtClump function in the rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service out-of-bounds write by setting the "-v" option to -1...
ALPINE-CVE-2016-3624
The cvtClump function in the rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service out-of-bounds write by setting the "-v" option to -1...
CVE-2016-3623
The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service divide-by-zero by setting the 1 v or 2 h parameter to 0...