Vulnerabilities > Libtiff > Libtiff > 3.5.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-11 | CVE-2016-5322 | Out-of-bounds Read vulnerability in multiple products The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. | 4.3 |
| 2017-03-07 | CVE-2016-5315 | Out-of-bounds Read vulnerability in multiple products The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. | 4.3 |
| 2017-02-06 | CVE-2016-9532 | Out-of-bounds Read vulnerability in multiple products Integer overflow in the writeBufferToSeparateStrips function in tiffcrop.c in LibTIFF before 4.0.7 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tif file. | 4.3 |
| 2017-02-06 | CVE-2016-5102 | Improper Input Validation vulnerability in Libtiff Buffer overflow in the readgifimage function in gif2tiff.c in the gif2tiff tool in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (segmentation fault) via a crafted gif file. | 4.3 |
| 2017-01-27 | CVE-2016-9453 | Out-of-bounds Write vulnerability in multiple products The t2p_readwrite_pdf_image_tile function in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a JPEG file with a TIFFTAG_JPEGTABLES of length one. | 6.8 |
| 2017-01-23 | CVE-2016-6223 | Numeric Errors vulnerability in Libtiff The TIFFReadRawStrip1 and TIFFReadRawTile1 functions in tif_read.c in libtiff before 4.0.7 allows remote attackers to cause a denial of service (crash) or possibly obtain sensitive information via a negative index in a file-content buffer. | 6.4 |
| 2017-01-20 | CVE-2016-5323 | Divide By Zero vulnerability in multiple products The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted Tiff image. | 5.0 |
| 2017-01-20 | CVE-2016-5321 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service (invalid read and crash) via a crafted tiff image. | 4.3 |
| 2017-01-20 | CVE-2016-5319 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff Heap-based buffer overflow in tif_packbits.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted bmp file. | 4.3 |
| 2017-01-20 | CVE-2016-5318 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff Stack-based buffer overflow in the _TIFFVGetField function in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted tiff. | 4.3 |