Vulnerabilities > Libtiff > Libtiff > 3.9
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-01-20 | CVE-2016-5318 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff Stack-based buffer overflow in the _TIFFVGetField function in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted tiff. | 4.3 |
2017-01-20 | CVE-2016-5316 | Out-of-bounds Read vulnerability in multiple products Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool. | 4.3 |
2016-12-06 | CVE-2015-8870 | Improper Input Validation vulnerability in Libtiff Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buffer over-read), or possibly obtain sensitive information from process memory, via crafted width and length values in RLE4 or RLE8 data in a BMP file. | 5.8 |
2016-10-03 | CVE-2016-3658 | Out-of-bounds Read vulnerability in Libtiff The TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving the ma variable. | 5.0 |
2016-10-03 | CVE-2016-3634 | Out-of-bounds Read vulnerability in Libtiff The tagCompare function in tif_dirinfo.c in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to field_tag matching. | 5.0 |
2016-10-03 | CVE-2016-3633 | Out-of-bounds Read vulnerability in Libtiff The setrow function in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the src variable. | 5.0 |
2016-10-03 | CVE-2016-3631 | Out-of-bounds Read vulnerability in Libtiff The (1) cpStrips and (2) cpTiles functions in the thumbnail tool in LibTIFF 4.0.6 and earlier allow remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the bytecounts[] array variable. | 5.0 |
2016-10-03 | CVE-2016-3625 | Out-of-bounds Read vulnerability in Libtiff tif_read.c in the tiff2bw tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image. | 4.3 |
2016-10-03 | CVE-2016-3624 | Out-of-bounds Write vulnerability in Libtiff The cvtClump function in the rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) by setting the "-v" option to -1. | 5.0 |
2016-10-03 | CVE-2016-3623 | Divide By Zero vulnerability in multiple products The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero) by setting the (1) v or (2) h parameter to 0. | 5.0 |