Vulnerabilities > Libtiff > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-21 | CVE-2017-9117 | Out-of-bounds Read vulnerability in multiple products In LibTIFF 4.0.7, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, leading to a heap-based buffer over-read in bmp2tiff. | 9.8 |
| 2017-01-23 | CVE-2016-6223 | Numeric Errors vulnerability in Libtiff The TIFFReadRawStrip1 and TIFFReadRawTile1 functions in tif_read.c in libtiff before 4.0.7 allows remote attackers to cause a denial of service (crash) or possibly obtain sensitive information via a negative index in a file-content buffer. | 9.1 |
| 2017-01-12 | CVE-2017-5225 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff 4.0.7 LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value. | 9.8 |
| 2016-11-22 | CVE-2016-9540 | Out-of-bounds Write vulnerability in Libtiff 4.0.6 tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. | 9.8 |
| 2016-11-22 | CVE-2016-9539 | Out-of-bounds Read vulnerability in Libtiff 4.0.6 tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in readContigTilesIntoBuffer(). | 9.8 |
| 2016-11-22 | CVE-2016-9538 | Integer Overflow or Wraparound vulnerability in Libtiff 4.0.6 tools/tiffcrop.c in libtiff 4.0.6 reads an undefined buffer in readContigStripsIntoBuffer() because of a uint16 integer overflow. | 9.8 |
| 2016-11-22 | CVE-2016-9537 | Out-of-bounds Write vulnerability in Libtiff 4.0.6 tools/tiffcrop.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in buffers. | 9.8 |
| 2016-11-22 | CVE-2016-9536 | Out-of-bounds Write vulnerability in Libtiff 4.0.6 tools/tiff2pdf.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers in t2p_process_jpeg_strip(). | 9.8 |
| 2016-11-22 | CVE-2016-9535 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff 4.0.6 tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling. | 9.8 |
| 2016-11-22 | CVE-2016-9534 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff 4.0.6 tif_write.c in libtiff 4.0.6 has an issue in the error code path of TIFFFlushData1() that didn't reset the tif_rawcc and tif_rawcp members. | 9.8 |