Vulnerabilities > Libtiff

DATE CVE VULNERABILITY TITLE RISK

2016-12-06 CVE-2015-8870 Improper Input Validation vulnerability in Libtiff
Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buffer over-read), or possibly obtain sensitive information from process memory, via crafted width and length values in RLE4 or RLE8 data in a BMP file.
network, libtiff, CWE-20
Risk: 5.8

2016-11-22 CVE-2016-9540 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff 4.0.6
tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width.
network, low complexity, libtiff, CWE-119
Risk: 7.5

2016-11-22 CVE-2016-9539 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff 4.0.6
tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in readContigTilesIntoBuffer().
network, low complexity, libtiff, CWE-119
Risk: 7.5

2016-11-22 CVE-2016-9538 Integer Overflow or Wraparound vulnerability in Libtiff 4.0.6
tools/tiffcrop.c in libtiff 4.0.6 reads an undefined buffer in readContigStripsIntoBuffer() because of a uint16 integer overflow.
network, low complexity, libtiff, CWE-190
Risk: 7.5

2016-11-22 CVE-2016-9537 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff 4.0.6
tools/tiffcrop.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in buffers.
network, low complexity, libtiff, CWE-119
Risk: 7.5

2016-11-22 CVE-2016-9536 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff 4.0.6
tools/tiff2pdf.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers in t2p_process_jpeg_strip().
network, low complexity, libtiff, CWE-119
Risk: 7.5

2016-11-22 CVE-2016-9535 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff 4.0.6
tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling.
network, low complexity, libtiff, CWE-119
Risk: 7.5

2016-11-22 CVE-2016-9534 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff 4.0.6
tif_write.c in libtiff 4.0.6 has an issue in the error code path of TIFFFlushData1() that didn't reset the tif_rawcc and tif_rawcp members.
network, low complexity, libtiff, CWE-119
Risk: 7.5

2016-11-22 CVE-2016-9533 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff 4.0.6
tif_pixarlog.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers.
network, low complexity, libtiff, CWE-119
Risk: 7.5

2016-10-28 CVE-2016-8331 Unspecified vulnerability in Libtiff 4.0.6
An exploitable remote code execution vulnerability exists in the handling of TIFF images in LibTIFF version 4.0.6.
network, libtiff
Risk: 6.8