Show filters
257 Total Results
Displaying 171-180 of 257
Sort by:
Attacker Value
Unknown

CVE-2016-9539

Disclosure Date: November 22, 2016 (last updated November 25, 2024)
tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in readContigTilesIntoBuffer(). Reported as MSVR 35092.
0
0
Attacker Value
Unknown

CVE-2016-9537

Disclosure Date: November 22, 2016 (last updated November 25, 2024)
tools/tiffcrop.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in buffers. Reported as MSVR 35093, MSVR 35096, and MSVR 35097.
0
0
Attacker Value
Unknown

CVE-2016-9535

Disclosure Date: November 22, 2016 (last updated November 25, 2024)
tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling. Reported as MSVR 35105, aka "Predictor heap-buffer-overflow."
0
0
Attacker Value
Unknown

CVE-2016-9534

Disclosure Date: November 22, 2016 (last updated November 25, 2024)
tif_write.c in libtiff 4.0.6 has an issue in the error code path of TIFFFlushData1() that didn't reset the tif_rawcc and tif_rawcp members. Reported as MSVR 35095, aka "TIFFFlushData1 heap-buffer-overflow."
0
0
Attacker Value
Unknown

CVE-2016-8331

Disclosure Date: October 28, 2016 (last updated November 25, 2024)
An exploitable remote code execution vulnerability exists in the handling of TIFF images in LibTIFF version 4.0.6. A crafted TIFF document can lead to a type confusion vulnerability resulting in remote code execution. This vulnerability can be triggered via a TIFF file delivered to the application using LibTIFF's tag extension functionality.
0
0
Attacker Value
Unknown

CVE-2016-3621

Disclosure Date: October 03, 2016 (last updated November 25, 2024)
The LZWEncode function in tif_lzw.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c lzw" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image.
0
0
Attacker Value
Unknown

CVE-2016-3631

Disclosure Date: October 03, 2016 (last updated November 25, 2024)
The (1) cpStrips and (2) cpTiles functions in the thumbnail tool in LibTIFF 4.0.6 and earlier allow remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the bytecounts[] array variable.
0
0
Attacker Value
Unknown

CVE-2016-3623

Disclosure Date: October 03, 2016 (last updated November 25, 2024)
The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero) by setting the (1) v or (2) h parameter to 0.
0
0
Attacker Value
Unknown

CVE-2016-3624

Disclosure Date: October 03, 2016 (last updated November 25, 2024)
The cvtClump function in the rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) by setting the "-v" option to -1.
0
0
Attacker Value
Unknown

CVE-2016-3633

Disclosure Date: October 03, 2016 (last updated November 25, 2024)
The setrow function in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the src variable.
0
0
View More Topics  < Previous  Next >