Vulnerabilities > Libtiff > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-09 | CVE-2017-7598 | Divide By Zero vulnerability in Libtiff 4.0.7 tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image. | 4.3 |
| 2017-04-09 | CVE-2017-7597 | Improper Input Validation vulnerability in Libtiff 4.0.7 tif_dirread.c in LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | 6.8 |
| 2017-04-09 | CVE-2017-7596 | Improper Input Validation vulnerability in Libtiff 4.0.7 LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | 6.8 |
| 2017-04-09 | CVE-2017-7595 | Divide By Zero vulnerability in Libtiff 4.0.7 The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image. | 4.3 |
| 2017-04-09 | CVE-2017-7594 | Missing Release of Resource after Effective Lifetime vulnerability in Libtiff 4.0.7 The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (memory leak) via a crafted image. | 4.3 |
| 2017-04-09 | CVE-2017-7593 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff 4.0.7 tif_read.c in LibTIFF 4.0.7 does not ensure that tif_rawdata is properly initialized, which might allow remote attackers to obtain sensitive information from process memory via a crafted image. | 4.3 |
| 2017-04-09 | CVE-2017-7592 | Improper Input Validation vulnerability in Libtiff 4.0.7 The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | 6.8 |
| 2017-03-24 | CVE-2016-10272 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff 4.0.7 LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "WRITE of size 2048" and libtiff/tif_next.c:64:9. | 6.8 |
| 2017-03-24 | CVE-2016-10271 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff 4.0.7 tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read and buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 1" and libtiff/tif_fax3.c:413:13. | 6.8 |
| 2017-03-24 | CVE-2016-10270 | Out-of-bounds Read vulnerability in Libtiff 4.0.7 LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 8" and libtiff/tif_read.c:523:22. | 6.8 |