MiracleLinux 7 : libtiff-4.0.3-35.0.5.el7.AXS7 (AXSA:2025-10952:04)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10952:04 advisory. CVE-2017-5225: fix heap buffer overflow in tools/tiffcp by restricting BitsPerSample values CVEs: CVE-2017-5225 LibTIFF version 4.0.7 is vulnerable to a hea...

JLSEC-2025-307 A null pointer dereference issue was found in Libtiff's tif_dir.c file

A null pointer dereference issue was found in Libtiff's tifdir.c file. This issue may allow an attacker to pass a crafted TIFF image file to the tiffcp utility which triggers a runtime error that causes undefined behavior. This will result in an application crash, eventually leading to a denial o...

Libtiff: heap-based buffer overflow in cpstriptotile() in tools/tiffcp.c

...

libtiff: heap-based buffer overflow in cpStripToTile() in tools/tiffcp.c

An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer overflow leads to an application crash...

AZL-34956 CVE-2023-6228 affecting package libtiff for versions less than 4.6.0-6

An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer overflow leads to an application crash...

SUSE CVE-2022-1355

A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service...

Denial Of Service (DoS)

libtiff.so is vulnerable to denial of service. The vulnerability exists due to the stack buffer overflow in the main function of tiffcp.c, allowing an attacker to crash the application by providing a maliciously crafted TIFF file to the tiffcp tool...

DEBIAN-CVE-2022-1355

A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service...

Stack overflow

A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service...

UBUNTU-CVE-2022-1355

A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service...

Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources the fix is available with commit 408976c4.

...

PT-2022-7199 · Libtiff +8 · Libtiff +8

Name of the Vulnerable Software and Affected Versions: LibTIFF affected versions not specified Description: A stack buffer overflow flaw was found in Libtiff's tiffcp.c in the main function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer...

DEBIAN-CVE-2016-10093

Integer overflow in tools/tiffcp.c in LibTIFF 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5 and 4.0.6 allows remote attackers to have unspecified impact via a crafted image, which triggers a...

ALPINE-CVE-2017-5225

LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value...