Vulnerabilities > Libtiff

DATE CVE VULNERABILITY TITLE RISK
2016-04-13 CVE-2015-1547 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff5.tif.
network
low complexity
debian libtiff CWE-119
6.5
2016-02-01 CVE-2015-8783 Out-of-bounds Read vulnerability in multiple products
tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds reads) via a crafted TIFF image.
network
low complexity
libtiff debian CWE-125
6.5
2016-02-01 CVE-2015-8782 Out-of-bounds Write vulnerability in multiple products
tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds writes) via a crafted TIFF image, a different vulnerability than CVE-2015-8781.
network
low complexity
debian libtiff CWE-787
6.5
2016-02-01 CVE-2015-8781 Out-of-bounds Write vulnerability in multiple products
tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds write) via an invalid number of samples per pixel in a LogL compressed TIFF image, a different vulnerability than CVE-2015-8782.
network
low complexity
debian libtiff CWE-787
6.5
2016-01-08 CVE-2015-8668 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the PackBitsPreEncode function in tif_packbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a large width field in a BMP image.
network
low complexity
libtiff oracle redhat CWE-787
critical
9.8
2016-01-08 CVE-2015-7554 7PK - Security Features vulnerability in Libtiff 4.0.6
The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image.
network
low complexity
libtiff CWE-254
critical
9.8