7 matches found
SUSE CVE-2017-5563
LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tiflzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff...
SUSE CVE-2017-16232
LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service memory consumption, as demonstrated by tifopen.c, tiflzw.c, and tifaux.c. NOTE: Third parties were unable to reproduce the issue...
SUSE CVE-2018-8905
In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tiflzw.c via a crafted TIFF file, as demonstrated by tiff2ps...
SUSE CVE-2018-18661
An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tiflzw.c...
DEBIAN-CVE-2017-16232
LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service memory consumption, as demonstrated by tifopen.c, tiflzw.c, and tifaux.c. NOTE: Third parties were unable to reproduce the issue...
UBUNTU-CVE-2017-5563
LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tiflzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff...
ALPINE-CVE-2016-3621
The LZWEncode function in tiflzw.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c lzw" option is used, allows remote attackers to cause a denial of service buffer over-read via a crafted BMP image...