42 matches found
EUVD-2019-7895
Malware in sbrugna...
EUVD-2017-8937
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2019-17546
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer...
Rocky Linux 8 : libtiff (RLSA-2020:4634)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2020:4634 advisory. - tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer...
SUSE CVE-2017-17786
In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c related to bgr2rgb.part.1 via an unexpected bits-per-pixel value for an RGBA image...
SUSE CVE-2019-17546
tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition...
AlmaLinux 8 : libtiff (ALSA-2020:4634)
The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2020:4634 advisory. - tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer...
NewStart CGSL MAIN 6.02 : libtiff Vulnerability (NS-SA-2021-0058)
The remote NewStart CGSL host, running version MAIN 6.02, has libtiff packages installed that are affected by a vulnerability: - tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow...
Amazon Linux AMI : libtiff (ALAS-2020-1447)
The version of libtiff installed on the remote host is prior to 4.0.3-35.36. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1447 advisory. TIFFCheckMalloc and TIFFCheckRealloc in tifaux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because th...
Oracle Linux 7 : libtiff (ELSA-2020-3902)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-3902 advisory. - Fix CVE-2019-17546 Resolves: 1771371 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note tha...
libtiff: integer overflow leading to heap-based buffer overflow in tif_getimage.c
tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition...
Arbitrary Code Execution
GIMP is vulnerable to arbitrary code execution. A heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c allows an attacker to execute arbitrary code via a malicious bits-per-pixel value for an RGBA image...
EulerOS 2.0 SP5 : libtiff (EulerOS-SA-2019-2707)
According to the version of the libtiff packages installed, the EulerOS installation on the remote host is affected by the following vulnerability: - tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a...
MGASA-2019-0366 Updated libtiff packages fix security vulnerability
The updated packages fix a security vulnerability: tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition...
Updated libtiff packages fix security vulnerability
The updated packages fix a security vulnerability: tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition...
EulerOS 2.0 SP8 : libtiff (EulerOS-SA-2019-2288)
According to the version of the libtiff packages installed, the EulerOS installation on the remote host is affected by the following vulnerability: - tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a...
CVE-2019-17546
tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition...
Denial Of Service (DoS)
libtiff.so is vulnerable to denial of service (DoS). A heap-based buffer overflow in tif_getimage.c caused by an integer overflow allows an attacker to crash the application via a malicious RGBA image, or potentially execute arbitrary code on the system...
CVE-2019-17546
tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition...
AZL-44190 CVE-2019-17546 affecting package openjpeg2 2.3.1-12
tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition...