Vulnerabilities > Libtiff > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-20 | CVE-2016-5317 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows attackers to cause a denial of service attack (crash) via a crafted TIFF file. | 4.3 |
| 2017-01-20 | CVE-2016-5316 | Out-of-bounds Read vulnerability in multiple products Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool. | 4.3 |
| 2017-01-18 | CVE-2016-9297 | Out-of-bounds Read vulnerability in Libtiff 4.0.6 The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII tag values. | 5.0 |
| 2017-01-18 | CVE-2016-9273 | Out-of-bounds Read vulnerability in Libtiff 4.0.6 tiffsplit in libtiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file, related to changing td_nstrips in TIFF_STRIPCHOP mode. | 4.3 |
| 2017-01-06 | CVE-2016-5652 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff 4.0.6 An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. | 6.8 |
| 2016-12-06 | CVE-2015-8870 | Improper Input Validation vulnerability in Libtiff Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buffer over-read), or possibly obtain sensitive information from process memory, via crafted width and length values in RLE4 or RLE8 data in a BMP file. | 5.8 |
| 2016-10-28 | CVE-2016-8331 | Unspecified vulnerability in Libtiff 4.0.6 An exploitable remote code execution vulnerability exists in the handling of TIFF images in LibTIFF version 4.0.6. network libtiff | 6.8 |
| 2016-10-03 | CVE-2016-3658 | Out-of-bounds Read vulnerability in Libtiff The TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving the ma variable. | 5.0 |
| 2016-10-03 | CVE-2016-3634 | Out-of-bounds Read vulnerability in Libtiff The tagCompare function in tif_dirinfo.c in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to field_tag matching. | 5.0 |
| 2016-10-03 | CVE-2016-3633 | Out-of-bounds Read vulnerability in Libtiff The setrow function in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the src variable. | 5.0 |