Lucene search

K

7 matches found

CVE
CVE
added 2017/01/30 9:59 p.m.159 views

CVE-2015-7976

The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename.

4.3CVSS5.6AI score0.04193EPSS
CVE
CVE
added 2017/01/20 3:59 p.m.104 views

CVE-2016-5323

The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted Tiff image.

7.5CVSS7.4AI score0.01105EPSS
CVE
CVE
added 2017/01/27 5:59 p.m.102 views

CVE-2016-9453

The t2p_readwrite_pdf_image_tile function in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a JPEG file with a TIFFTAG_JPEGTABLES of length one.

7.8CVSS8.1AI score0.00397EPSS
CVE
CVE
added 2017/01/20 3:59 p.m.101 views

CVE-2016-5317

Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows attackers to cause a denial of service attack (crash) via a crafted TIFF file.

6.5CVSS7.2AI score0.00611EPSS
CVE
CVE
added 2017/01/20 3:59 p.m.99 views

CVE-2016-5316

Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool.

6.5CVSS7.4AI score0.00858EPSS
CVE
CVE
added 2017/01/20 3:59 p.m.99 views

CVE-2016-5321

The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service (invalid read and crash) via a crafted tiff image.

6.5CVSS6.7AI score0.00173EPSS
CVE
CVE
added 2017/01/27 5:59 p.m.99 views

CVE-2016-9448

The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by setting the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete ...

7.5CVSS7.3AI score0.0164EPSS