Vulnerabilities > Libtiff > Libtiff > 4.0.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-10 | CVE-2018-10963 | Reachable Assertion vulnerability in multiple products The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726. | 4.3 |
| 2018-04-21 | CVE-2018-10126 | NULL Pointer Dereference vulnerability in Libtiff 4.0.9 LibTIFF 4.0.9 has a NULL pointer dereference in the jpeg_fdct_16x16 function in jfdctint.c. | 6.5 |
| 2018-03-22 | CVE-2018-8905 | Out-of-bounds Write vulnerability in multiple products In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps. | 8.8 |
| 2018-02-24 | CVE-2018-7456 | NULL Pointer Dereference vulnerability in multiple products A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than CVE-2017-18013. | 4.3 |
| 2018-01-19 | CVE-2018-5784 | Resource Exhaustion vulnerability in multiple products In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the TIFFSetDirectory function of tif_dir.c. | 4.3 |
| 2018-01-01 | CVE-2017-18013 | NULL Pointer Dereference vulnerability in Libtiff 4.0.9 In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash. | 4.3 |
| 2017-12-28 | CVE-2017-17942 | Out-of-bounds Read vulnerability in Libtiff 4.0.9 In LibTIFF 4.0.9, there is a heap-based buffer over-read in the function PackBitsEncode in tif_packbits.c. | 6.8 |
| 2017-12-02 | CVE-2017-17095 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff 4.0.9 tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (TIFFSetupStrips heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file. | 6.8 |