Vulnerabilities > Libtiff > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-12 | CVE-2014-8129 | Out-of-bounds Write vulnerability in multiple products LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c. | 8.8 |
| 2018-01-14 | CVE-2018-5360 | Out-of-bounds Read vulnerability in multiple products LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick 1.3.27. | 8.8 |
| 2017-12-29 | CVE-2017-17973 | Use After Free vulnerability in Libtiff 4.0.8 In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. | 8.8 |
| 2017-12-28 | CVE-2017-17942 | Out-of-bounds Read vulnerability in Libtiff 4.0.9 In LibTIFF 4.0.9, there is a heap-based buffer over-read in the function PackBitsEncode in tif_packbits.c. | 8.8 |
| 2017-12-02 | CVE-2017-17095 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff 4.0.9 tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (TIFFSetupStrips heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file. | 8.8 |
| 2017-08-18 | CVE-2017-12944 | Allocation of Resources Without Limits or Throttling vulnerability in Libtiff 4.0.8 The TIFFReadDirEntryArray function in tif_read.c in LibTIFF 4.0.8 mishandles memory allocation for short files, which allows remote attackers to cause a denial of service (allocation failure and application crash) in the TIFFFetchStripThing function in tif_dirread.c during a tiff2pdf invocation. | 7.5 |
| 2017-07-17 | CVE-2017-11335 | Out-of-bounds Write vulnerability in Libtiff 4.0.8 There is a heap based buffer overflow in tools/tiff2pdf.c of LibTIFF 4.0.8 via a PlanarConfig=Contig image, which causes a more than one hundred bytes out-of-bounds write (related to the ZIPDecode function in tif_zip.c). | 8.8 |
| 2017-06-29 | CVE-2017-10688 | Improper Input Validation vulnerability in Libtiff 4.0.8 In LibTIFF 4.0.8, there is a assertion abort in the TIFFWriteDirectoryTagCheckedLong8Array function in tif_dirwrite.c. | 7.5 |
| 2017-06-26 | CVE-2017-9935 | Out-of-bounds Read vulnerability in multiple products In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. | 8.8 |
| 2017-04-09 | CVE-2017-7602 | Integer Overflow or Wraparound vulnerability in Libtiff 4.0.7 LibTIFF 4.0.7 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | 7.8 |