Vulnerabilities > Libtiff
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-12 | CVE-2017-5225 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff 4.0.7 LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value. | 9.8 |
| 2017-01-06 | CVE-2016-5652 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff 4.0.6 An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. | 7.0 |
| 2016-12-06 | CVE-2015-8870 | Integer Overflow or Wraparound vulnerability in Libtiff Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buffer over-read), or possibly obtain sensitive information from process memory, via crafted width and length values in RLE4 or RLE8 data in a BMP file. | 7.4 |
| 2016-11-22 | CVE-2016-9540 | Out-of-bounds Write vulnerability in Libtiff 4.0.6 tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. | 9.8 |
| 2016-11-22 | CVE-2016-9539 | Out-of-bounds Read vulnerability in Libtiff 4.0.6 tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in readContigTilesIntoBuffer(). | 9.8 |
| 2016-11-22 | CVE-2016-9538 | Integer Overflow or Wraparound vulnerability in Libtiff 4.0.6 tools/tiffcrop.c in libtiff 4.0.6 reads an undefined buffer in readContigStripsIntoBuffer() because of a uint16 integer overflow. | 9.8 |
| 2016-11-22 | CVE-2016-9537 | Out-of-bounds Write vulnerability in Libtiff 4.0.6 tools/tiffcrop.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in buffers. | 9.8 |
| 2016-11-22 | CVE-2016-9536 | Out-of-bounds Write vulnerability in Libtiff 4.0.6 tools/tiff2pdf.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers in t2p_process_jpeg_strip(). | 9.8 |
| 2016-11-22 | CVE-2016-9535 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff 4.0.6 tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling. | 9.8 |
| 2016-11-22 | CVE-2016-9534 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff 4.0.6 tif_write.c in libtiff 4.0.6 has an issue in the error code path of TIFFFlushData1() that didn't reset the tif_rawcc and tif_rawcp members. | 9.8 |