Vulnerabilities > Libtiff > Libtiff > 3.7.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-04-13 | CVE-2015-8784 | Out-of-bounds Write vulnerability in multiple products The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image, as demonstrated by libtiff5.tif. | 4.3 |
2016-04-13 | CVE-2015-1547 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff5.tif. | 4.3 |
2016-02-01 | CVE-2015-8783 | Out-of-bounds Read vulnerability in multiple products tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds reads) via a crafted TIFF image. | 4.3 |
2016-02-01 | CVE-2015-8782 | Out-of-bounds Write vulnerability in multiple products tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds writes) via a crafted TIFF image, a different vulnerability than CVE-2015-8781. | 4.3 |
2016-02-01 | CVE-2015-8781 | Out-of-bounds Write vulnerability in multiple products tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds write) via an invalid number of samples per pixel in a LogL compressed TIFF image, a different vulnerability than CVE-2015-8782. | 4.3 |
2016-01-08 | CVE-2015-8668 | Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in the PackBitsPreEncode function in tif_packbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a large width field in a BMP image. | 9.8 |
2010-06-24 | CVE-2010-2443 | Unspecified vulnerability in Libtiff The OJPEGReadBufferFill function in tif_ojpeg.c in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an OJPEG image with undefined strip offsets, related to the TIFFVGetField function. | 5.0 |
2010-06-24 | CVE-2010-2065 | Numeric Errors vulnerability in Libtiff Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow. | 6.8 |
2008-08-27 | CVE-2008-2327 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Libtiff Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code. | 6.8 |
2006-08-03 | CVE-2006-3465 | Denial of Service vulnerability in LibTIFF Library Anonymous Field Merging Unspecified vulnerability in the custom tag support for the TIFF library (libtiff) before 3.8.2 allows remote attackers to cause a denial of service (instability or crash) and execute arbitrary code via unknown vectors. | 7.5 |