Vulnerabilities > Libtiff > Libtiff > 4.0.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-21 | CVE-2017-16232 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. | 7.5 |
| 2018-05-10 | CVE-2018-10963 | Reachable Assertion vulnerability in multiple products The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726. | 4.3 |
| 2017-12-29 | CVE-2017-17973 | Use After Free vulnerability in Libtiff 4.0.8 In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. | 8.8 |
| 2017-08-29 | CVE-2017-13727 | Reachable Assertion vulnerability in Libtiff 4.0.8 There is a reachable assertion abort in the function TIFFWriteDirectoryTagSubifd() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. | 4.3 |
| 2017-08-29 | CVE-2017-13726 | Reachable Assertion vulnerability in Libtiff 4.0.8 There is a reachable assertion abort in the function TIFFWriteDirectorySec() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. | 4.3 |
| 2017-08-18 | CVE-2017-12944 | Allocation of Resources Without Limits or Throttling vulnerability in Libtiff 4.0.8 The TIFFReadDirEntryArray function in tif_read.c in LibTIFF 4.0.8 mishandles memory allocation for short files, which allows remote attackers to cause a denial of service (allocation failure and application crash) in the TIFFFetchStripThing function in tif_dirread.c during a tiff2pdf invocation. | 5.0 |
| 2017-07-26 | CVE-2017-11613 | Improper Input Validation vulnerability in Libtiff 4.0.8 In LibTIFF 4.0.8, there is a denial of service vulnerability in the TIFFOpen function. | 4.3 |
| 2017-07-17 | CVE-2017-11335 | Out-of-bounds Write vulnerability in Libtiff 4.0.8 There is a heap based buffer overflow in tools/tiff2pdf.c of LibTIFF 4.0.8 via a PlanarConfig=Contig image, which causes a more than one hundred bytes out-of-bounds write (related to the ZIPDecode function in tif_zip.c). | 6.8 |
| 2017-06-29 | CVE-2017-10688 | Improper Input Validation vulnerability in Libtiff 4.0.8 In LibTIFF 4.0.8, there is a assertion abort in the TIFFWriteDirectoryTagCheckedLong8Array function in tif_dirwrite.c. | 5.0 |
| 2017-06-26 | CVE-2017-9937 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff In LibTIFF 4.0.8, there is a memory malloc failure in tif_jbig.c. | 6.5 |