Lucene search
K

23 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-10377

Malware in sbrugna...

6.5CVSS7.4AI score0.0287EPSS
Exploits1References12
Prion
Prion
added 2022/05/11 3:15 p.m.32 views

Out-of-bounds

LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tiflzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa...

4.3CVSS5.6AI score0.01684EPSS
Exploits1References13Affected Software6
Prion
Prion
added 2022/05/11 3:15 p.m.26 views

Out-of-bounds

LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tiflzw.c:624, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa...

4.3CVSS5.5AI score0.0122EPSS
Exploits1References8Affected Software3
Cvelist
Cvelist
added 2019/03/17 4:44 p.m.25 views

CVE-2017-16232

LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service memory consumption, as demonstrated by tifopen.c, tiflzw.c, and tifaux.c. NOTE: Third parties were unable to reproduce the issue...

7.2AI score0.04766EPSS
Exploits0References10
Mageia
Mageia
added 2018/11/11 9:9 p.m.45 views

Updated libtiff packages fix security vulnerability

An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tiflzw.c. CVE-2018-18661...

6.5CVSS3.1AI score0.0287EPSS
Exploits1References1
NVD
NVD
added 2018/10/26 2:29 p.m.19 views

CVE-2018-18661

An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tiflzw.c...

6.5CVSS7.2AI score0.0287EPSS
Exploits1References5
OSV
OSV
added 2018/10/26 2:29 p.m.3 views

ALPINE-CVE-2018-18661

An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tiflzw.c...

6.5CVSS7AI score0.0287EPSS
Exploits1References1
OSV
OSV
added 2018/10/26 2:29 p.m.0 views

DEBIAN-CVE-2018-18661

An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tiflzw.c...

6.5CVSS7.4AI score0.0287EPSS
Exploits1References1
CVE
CVE
added 2018/10/26 1:0 p.m.106 views

CVE-2018-18661

CVE-2018-18661 affects LibTIFF 4.0.9, where a NULL pointer dereference in LZWDecode (tif_lzw.c) can lead to a denial of service (crash) when processing crafted TIFF images. Public advisories and Linux distributions consistently reference this issue as part of a set of LibTIFF vulnerabilities and ...

6.5CVSS7.1AI score0.0287EPSS
Exploits1References5Affected Software1
Mageia
Mageia
added 2018/05/16 8:24 a.m.46 views

Updated libtiff packages fix security vulnerabilities

The TIFFWriteDirectorySec function in tifdirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service assertion failure and application crash via a crafted file, a different vulnerability than CVE-2017-13726. CVE-2018-10963 In LibTIFF 4.0.9, a heap-based buffer overflo...

8.8CVSS5.6AI score0.03765EPSS
Exploits2References1
Veracode
Veracode
added 2018/05/14 3:31 a.m.32 views

Buffer Overflow

libtiff.so is vulnerable to buffer overflows. A malicious user can pass a tiff file to the LZWDecodeCompat function in tiflzw.c, causing a buffer overflow that can crash the application or other cause arbitrary code to be executed...

8.8CVSS8.9AI score0.03097EPSS
Exploits1References11Affected Software3
Prion
Prion
added 2018/03/22 4:29 a.m.27 views

Heap overflow

In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tiflzw.c via a crafted TIFF file, as demonstrated by tiff2ps...

6.8CVSS8.5AI score0.03097EPSS
Exploits1References9Affected Software6
NVD
NVD
added 2018/03/22 4:29 a.m.14 views

CVE-2018-8905

In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tiflzw.c via a crafted TIFF file, as demonstrated by tiff2ps...

8.8CVSS8.6AI score0.03097EPSS
Exploits1References9
Cvelist
Cvelist
added 2018/03/22 4:0 a.m.23 views

CVE-2018-8905

In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tiflzw.c via a crafted TIFF file, as demonstrated by tiff2ps...

8.8AI score0.03097EPSS
Exploits1References9
UbuntuCve
UbuntuCve
added 2018/03/22 12:0 a.m.29 views

CVE-2018-8905

In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tiflzw.c via a crafted TIFF file, as demonstrated by tiff2ps...

8.8CVSS7AI score0.03097EPSS
Exploits1References3
CNVD
CNVD
added 2018/03/22 12:0 a.m.4 views

Silicon Graphics LibTIFF 'LZWDecodeCompat' Function Heap Buffer Overflow Vulnerability

Silicon Graphics LibTIFF is a library for reading and writing TIFF Tagged Image File Format files from Silicon Graphics, USA. The library contains a number of command-line tools for processing TIFF files. A heap buffer overflow vulnerability exists in the 'LZWDecodeCompat' function of the tiflzw....

8.8CVSS7.1AI score0.03097EPSS
Exploits1References1
Cvelist
Cvelist
added 2017/06/26 3:0 p.m.30 views

CVE-2014-8127

LibTIFF 4.0.3 allows remote attackers to cause a denial of service out-of-bounds read and crash via a crafted TIFF image to the 1 checkInkNamesString function in tifdir.c in the thumbnail tool, 2 compresscontig function in tiff2bw.c in the tiff2bw tool, 3 putcontig8bitCIELab function in...

6.7AI score0.05669EPSS
Exploits0References15
Prion
Prion
added 2017/01/23 7:59 a.m.15 views

Heap overflow

LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tiflzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff...

6.8CVSS9.2AI score0.03023EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2017/01/23 6:49 a.m.92 views

CVE-2017-5563

CVE-2017-5563 affects LibTIFF 4.0.7, with a heap-based buffer over-read in tif_lzw.c that can cause DoS or remote code execution when processing a crafted BMP image via tools/bmp2tiff. The connected documents confirm the vulnerable component/file and the general impact; no public patch/version re...

8.8CVSS8.1AI score0.03023EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2016/10/03 4:9 p.m.21 views

Design/Logic Flaw

The LZWEncode function in tiflzw.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c lzw" option is used, allows remote attackers to cause a denial of service buffer over-read via a crafted BMP image...

6.8CVSS6.8AI score0.02097EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder