Vulnerabilities > Libtiff > Medium

DATE CVE VULNERABILITY TITLE RISK
2016-04-19 CVE-2016-3186 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted GIF file.
local
low complexity
opensuse libtiff CWE-119
6.2
6.2
2016-04-13 CVE-2015-8784 Out-of-bounds Write vulnerability in multiple products
The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image, as demonstrated by libtiff5.tif.
network
low complexity
libtiff debian CWE-787
6.5
6.5
2016-04-13 CVE-2015-8683 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The putcontig8bitCIELab function in tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a packed TIFF image.
local
low complexity
libtiff debian CWE-119
5.5
5.5
2016-04-13 CVE-2015-8665 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff 4.0.6
tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via the SamplesPerPixel tag in a TIFF image.
local
low complexity
libtiff CWE-119
5.5
5.5
2016-04-13 CVE-2015-1547 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff5.tif.
network
low complexity
debian libtiff CWE-119
6.5
6.5
2016-02-01 CVE-2015-8783 Out-of-bounds Read vulnerability in multiple products
tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds reads) via a crafted TIFF image.
network
low complexity
libtiff debian CWE-125
6.5
6.5
2016-02-01 CVE-2015-8782 Out-of-bounds Write vulnerability in multiple products
tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds writes) via a crafted TIFF image, a different vulnerability than CVE-2015-8781.
network
low complexity
debian libtiff CWE-787
6.5
6.5
2016-02-01 CVE-2015-8781 Out-of-bounds Write vulnerability in multiple products
tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds write) via an invalid number of samples per pixel in a LogL compressed TIFF image, a different vulnerability than CVE-2015-8782.
network
low complexity
debian libtiff CWE-787
6.5
6.5