Vulnerabilities > Out-of-bounds Read

DATE CVE VULNERABILITY TITLE RISK
2017-01-23 CVE-2017-5563 Out-of-bounds Read vulnerability in Libtiff 4.0.7
LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff.
network
libtiff CWE-125
6.8
2017-01-23 CVE-2017-5556 Out-of-bounds Read vulnerability in Foxitsoftware Foxit Reader and Phantompdf
The ConvertToPDF plugin in Foxit Reader before 8.2 and PhantomPDF before 8.2 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image.
5.8
2017-01-21 CVE-2017-5545 Out-of-bounds Read vulnerability in Libimobiledevice Libplist
The main function in plistutil.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via Apple Property List data that is too short.
network
low complexity
libimobiledevice CWE-125
6.4
2017-01-20 CVE-2016-5316 Out-of-bounds Read vulnerability in multiple products
Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool.
4.3
2017-01-18 CVE-2016-9297 Out-of-bounds Read vulnerability in Libtiff 4.0.6
The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII tag values.
network
low complexity
libtiff CWE-125
5.0
2017-01-18 CVE-2016-9273 Out-of-bounds Read vulnerability in Libtiff 4.0.6
tiffsplit in libtiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file, related to changing td_nstrips in TIFF_STRIPCHOP mode.
network
libtiff CWE-125
4.3
2017-01-18 CVE-2016-9109 Out-of-bounds Read vulnerability in Artifex Mujs
Artifex Software MuJS allows attackers to cause a denial of service (crash) via vectors related to incomplete escape sequences.
network
low complexity
artifex CWE-125
5.0
2017-01-18 CVE-2016-7799 Out-of-bounds Read vulnerability in multiple products
MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
4.3
2017-01-18 CVE-2016-7563 Out-of-bounds Read vulnerability in Artifex Mujs
The chartorune function in Artifex Software MuJS allows attackers to cause a denial of service (out-of-bounds read) via a * (asterisk) at the end of the input.
network
low complexity
artifex CWE-125
5.0
2017-01-18 CVE-2016-7101 Out-of-bounds Read vulnerability in Imagemagick
The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file.
4.3