Vulnerabilities > Libtiff

DATE CVE VULNERABILITY TITLE RISK
2010-07-02 CVE-2010-2596 Improper Input Validation vulnerability in Libtiff 3.9.0/3.9.2
The OJPEGPostDecode function in tif_ojpeg.c in LibTIFF 3.9.0 and 3.9.2, as used in tiff2ps, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted TIFF image, related to "downsampled OJPEG input."
network
libtiff CWE-20
4.3
2010-07-02 CVE-2010-2595 Improper Input Validation vulnerability in Libtiff 3.9.0/3.9.2
The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers an array index error, related to "downsampled OJPEG input."
network
libtiff CWE-20
4.3
2010-06-24 CVE-2010-2443 Unspecified vulnerability in Libtiff
The OJPEGReadBufferFill function in tif_ojpeg.c in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an OJPEG image with undefined strip offsets, related to the TIFFVGetField function.
network
low complexity
libtiff
5.0
2010-06-24 CVE-2010-2065 Numeric Errors vulnerability in Libtiff
Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow.
network
libtiff CWE-189
6.8
2009-07-14 CVE-2009-2347 Numeric Errors vulnerability in Libtiff
Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large (1) width and (2) height values, which triggers a heap-based buffer overflow in the (a) cvt_whole_image function in tiff2rgba and (b) tiffcvt function in rgb2ycbcr.
network
libtiff CWE-189
critical
9.3
2009-07-01 CVE-2009-2285 Buffer Errors vulnerability in Libtiff 3.8.2
Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327.
network
libtiff CWE-119
4.3
2008-08-27 CVE-2008-2327 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Libtiff
Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.
network
libtiff CWE-119
6.8
2006-08-03 CVE-2006-3465 Denial of Service vulnerability in LibTIFF Library Anonymous Field Merging
Unspecified vulnerability in the custom tag support for the TIFF library (libtiff) before 3.8.2 allows remote attackers to cause a denial of service (instability or crash) and execute arbitrary code via unknown vectors.
network
low complexity
libtiff
7.5
2006-08-03 CVE-2006-3464 Numeric Errors vulnerability in Libtiff
TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to pass numeric range checks and possibly execute code, and trigger assert errors, via large offset values in a TIFF directory that lead to an integer overflow and other unspecified vectors involving "unchecked arithmetic operations".
network
low complexity
libtiff CWE-189
7.5
2006-08-03 CVE-2006-3463 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Libtiff
The EstimateStripByteCounts function in TIFF library (libtiff) before 3.8.2 uses a 16-bit unsigned short when iterating over an unsigned 32-bit value, which allows context-dependent attackers to cause a denial of service via a large td_nstrips value, which triggers an infinite loop.
network
low complexity
libtiff CWE-119
7.8