Vulnerabilities > Libtiff

DATE CVE VULNERABILITY TITLE RISK
2017-04-11 CVE-2016-5322 Out-of-bounds Read vulnerability in multiple products
The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.
local
low complexity
libtiff debian CWE-125
5.5
2017-04-09 CVE-2017-7602 Integer Overflow or Wraparound vulnerability in Libtiff 4.0.7
LibTIFF 4.0.7 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
local
low complexity
libtiff CWE-190
7.8
2017-04-09 CVE-2017-7601 Improper Input Validation vulnerability in Libtiff 4.0.7
LibTIFF 4.0.7 has a "shift exponent too large for 64-bit type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
local
low complexity
libtiff CWE-20
7.8
2017-04-09 CVE-2017-7600 Improper Input Validation vulnerability in Libtiff 4.0.7
LibTIFF 4.0.7 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
local
low complexity
libtiff CWE-20
7.8
2017-04-09 CVE-2017-7599 Improper Input Validation vulnerability in Libtiff 4.0.7
LibTIFF 4.0.7 has an "outside the range of representable values of type short" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
local
low complexity
libtiff CWE-20
7.8
2017-04-09 CVE-2017-7598 Divide By Zero vulnerability in Libtiff 4.0.7
tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.
local
low complexity
libtiff CWE-369
7.8
2017-04-09 CVE-2017-7597 Improper Input Validation vulnerability in Libtiff 4.0.7
tif_dirread.c in LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
local
low complexity
libtiff CWE-20
7.8
2017-04-09 CVE-2017-7596 Improper Input Validation vulnerability in Libtiff 4.0.7
LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
local
low complexity
libtiff CWE-20
7.8
2017-04-09 CVE-2017-7595 Divide By Zero vulnerability in Libtiff 4.0.7
The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.
local
low complexity
libtiff CWE-369
5.5
2017-04-09 CVE-2017-7594 Missing Release of Resource after Effective Lifetime vulnerability in Libtiff 4.0.7
The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (memory leak) via a crafted image.
local
low complexity
libtiff CWE-772
5.5