Vulnerabilities > Libtiff > Libtiff > 3.9.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-20 | CVE-2016-5323 | Divide By Zero vulnerability in multiple products The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted Tiff image. | 5.0 |
| 2017-01-20 | CVE-2016-5321 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service (invalid read and crash) via a crafted tiff image. | 4.3 |
| 2017-01-20 | CVE-2016-5319 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff Heap-based buffer overflow in tif_packbits.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted bmp file. | 4.3 |
| 2017-01-20 | CVE-2016-5318 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff Stack-based buffer overflow in the _TIFFVGetField function in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted tiff. | 4.3 |
| 2017-01-20 | CVE-2016-5316 | Out-of-bounds Read vulnerability in multiple products Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool. | 4.3 |
| 2016-12-06 | CVE-2015-8870 | Improper Input Validation vulnerability in Libtiff Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buffer over-read), or possibly obtain sensitive information from process memory, via crafted width and length values in RLE4 or RLE8 data in a BMP file. | 5.8 |
| 2016-10-03 | CVE-2016-3658 | Out-of-bounds Read vulnerability in Libtiff The TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving the ma variable. | 5.0 |
| 2016-10-03 | CVE-2016-3634 | Out-of-bounds Read vulnerability in Libtiff The tagCompare function in tif_dirinfo.c in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to field_tag matching. | 5.0 |
| 2016-10-03 | CVE-2016-3633 | Out-of-bounds Read vulnerability in Libtiff The setrow function in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the src variable. | 5.0 |
| 2016-10-03 | CVE-2016-3631 | Out-of-bounds Read vulnerability in Libtiff The (1) cpStrips and (2) cpTiles functions in the thumbnail tool in LibTIFF 4.0.6 and earlier allow remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the bytecounts[] array variable. | 5.0 |