Vulnerabilities > Libtiff
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-23 | CVE-2016-6223 | Numeric Errors vulnerability in Libtiff The TIFFReadRawStrip1 and TIFFReadRawTile1 functions in tif_read.c in libtiff before 4.0.7 allows remote attackers to cause a denial of service (crash) or possibly obtain sensitive information via a negative index in a file-content buffer. | 9.1 |
| 2017-01-23 | CVE-2017-5563 | Out-of-bounds Read vulnerability in Libtiff 4.0.7 LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff. | 8.8 |
| 2017-01-20 | CVE-2016-5323 | Divide By Zero vulnerability in multiple products The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted Tiff image. | 7.5 |
| 2017-01-20 | CVE-2016-5321 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service (invalid read and crash) via a crafted tiff image. | 6.5 |
| 2017-01-20 | CVE-2016-5319 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff Heap-based buffer overflow in tif_packbits.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted bmp file. | 6.5 |
| 2017-01-20 | CVE-2016-5318 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff Stack-based buffer overflow in the _TIFFVGetField function in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted tiff. | 6.5 |
| 2017-01-20 | CVE-2016-5317 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows attackers to cause a denial of service attack (crash) via a crafted TIFF file. | 6.5 |
| 2017-01-20 | CVE-2016-5316 | Out-of-bounds Read vulnerability in multiple products Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool. | 6.5 |
| 2017-01-18 | CVE-2016-9297 | Out-of-bounds Read vulnerability in Libtiff 4.0.6 The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII tag values. | 7.5 |
| 2017-01-18 | CVE-2016-9273 | Out-of-bounds Read vulnerability in Libtiff 4.0.6 tiffsplit in libtiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file, related to changing td_nstrips in TIFF_STRIPCHOP mode. | 5.5 |