Vulnerabilities > Libtiff

DATE CVE VULNERABILITY TITLE RISK
2016-10-28 CVE-2016-8331 Unspecified vulnerability in Libtiff 4.0.6
An exploitable remote code execution vulnerability exists in the handling of TIFF images in LibTIFF version 4.0.6.
network
high complexity
libtiff
8.1
2016-10-03 CVE-2016-3658 Out-of-bounds Read vulnerability in Libtiff
The TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving the ma variable.
network
low complexity
libtiff CWE-125
7.5
2016-10-03 CVE-2016-3634 Out-of-bounds Read vulnerability in Libtiff
The tagCompare function in tif_dirinfo.c in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to field_tag matching.
network
low complexity
libtiff CWE-125
7.5
2016-10-03 CVE-2016-3633 Out-of-bounds Read vulnerability in Libtiff
The setrow function in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the src variable.
network
low complexity
libtiff CWE-125
7.5
2016-10-03 CVE-2016-3631 Out-of-bounds Read vulnerability in Libtiff
The (1) cpStrips and (2) cpTiles functions in the thumbnail tool in LibTIFF 4.0.6 and earlier allow remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the bytecounts[] array variable.
network
low complexity
libtiff CWE-125
7.5
2016-10-03 CVE-2016-3625 Out-of-bounds Read vulnerability in Libtiff
tif_read.c in the tiff2bw tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image.
network
low complexity
libtiff CWE-125
6.5
2016-10-03 CVE-2016-3624 Out-of-bounds Write vulnerability in Libtiff
The cvtClump function in the rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) by setting the "-v" option to -1.
network
low complexity
libtiff CWE-787
7.5
2016-10-03 CVE-2016-3623 Divide By Zero vulnerability in multiple products
The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero) by setting the (1) v or (2) h parameter to 0.
network
low complexity
libtiff opensuse CWE-369
7.5
2016-10-03 CVE-2016-3622 Divide By Zero vulnerability in Libtiff 4.0.6
The fpAcc function in tif_predict.c in the tiff2rgba tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted TIFF image.
network
low complexity
libtiff CWE-369
6.5
2016-10-03 CVE-2016-3621 Out-of-bounds Read vulnerability in Libtiff
The LZWEncode function in tif_lzw.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c lzw" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image.
network
low complexity
libtiff CWE-125
8.8