Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libtiff libtiff 3.8.1 vulnerabilities and exploits
(subscribe to this query)
828
VMScore
CVE-2009-2347
Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 up to and including 3.8.2, 3.9, and 4.0 allow context-dependent malicious users to execute arbitrary code via a TIFF image with large (1) width and (2) height values, which triggers a heap-based buff...
Libtiff Libtiff 3.8.0
Libtiff Libtiff 3.8.1
Libtiff Libtiff 3.9
Libtiff Libtiff 4.0
Libtiff Libtiff 3.8.2
187
VMScore
CVE-2006-2120
The TIFFToRGB function in libtiff prior to 3.8.1 allows remote malicious users to cause a denial of service (crash) via a crafted TIFF image with Yr/Yg/Yb values that exceed the YCR/YCG/YCB values, which triggers an out-of-bounds read.
Libtiff Libtiff 3.8.1
668
VMScore
CVE-2006-2193
Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and previous versions allows malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a TIFF file with a DocumentName tag that contains UTF-8 characters, which tr...
Libtiff Libtiff 3.4
Libtiff Libtiff 3.5.7
Libtiff Libtiff 3.6.0
Libtiff Libtiff 3.5.1
Libtiff Libtiff 3.5.2
Libtiff Libtiff 3.6.1
Libtiff Libtiff 3.7.0
Libtiff Libtiff 3.5.5
Libtiff Libtiff 3.5.6
Libtiff Libtiff 3.8.1
Libtiff Libtiff
Libtiff Libtiff 3.5.3
Libtiff Libtiff 3.5.4
Libtiff Libtiff 3.7.1
Libtiff Libtiff 3.8.0
605
VMScore
CVE-2008-2327
Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and previous versions allow context-dependent malicious users to execute arbitrary code via a crafted TIFF file, related to imp...
Libtiff Libtiff 3.4
Libtiff Libtiff 3.5.1
Libtiff Libtiff 3.6.0
Libtiff Libtiff 3.6.1
Libtiff Libtiff 3.5.6
Libtiff Libtiff 3.5.7
Libtiff Libtiff
Libtiff Libtiff 3.5.2
Libtiff Libtiff 3.5.3
Libtiff Libtiff 3.7.0
Libtiff Libtiff 3.7.1
Libtiff Libtiff 3.5.4
Libtiff Libtiff 3.5.5
Libtiff Libtiff 3.8.0
Libtiff Libtiff 3.8.1
755
VMScore
CVE-2006-2656
Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and previous versions might might allow malicious users to execute arbitrary code via a long filename. NOTE: tiffsplit is not setuid. If there is not a common scenario under which tiffsplit is called with attac...
Libtiff Libtiff 3.6.1
Libtiff Libtiff 3.8.0
Libtiff Libtiff 3.8.1
Libtiff Libtiff 3.4
Libtiff Libtiff 3.5.7
Libtiff Libtiff 3.7.0
Libtiff Libtiff 3.6.0
Libtiff Libtiff 3.5.3
Libtiff Libtiff 3.7.1
Libtiff Libtiff 3.5.4
Libtiff Libtiff 3.5.2
Libtiff Libtiff 3.5.5
Libtiff Libtiff 3.5.1
Libtiff Libtiff 3.5.6
Libtiff Libtiff
1 EDB exploit
607
VMScore
CVE-2010-2065
Integer overflow in the TIFFroundup macro in LibTIFF prior to 3.9.3 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow.
Libtiff Libtiff 3.5.2
Libtiff Libtiff 3.5.3
Libtiff Libtiff 3.7.0
Libtiff Libtiff 3.7.1
Libtiff Libtiff 3.4
Libtiff Libtiff 3.6.0
Libtiff Libtiff 3.9.1
Libtiff Libtiff 3.9
Libtiff Libtiff 3.5.6
Libtiff Libtiff 3.5.7
Libtiff Libtiff 3.8.2
Libtiff Libtiff 3.9.0
Libtiff Libtiff 3.7.2
Libtiff Libtiff 3.7.3
Libtiff Libtiff 3.5.1
Libtiff Libtiff 3.6.1
Libtiff Libtiff
Libtiff Libtiff 3.7.4
Libtiff Libtiff 3.5.4
Libtiff Libtiff 3.5.5
Libtiff Libtiff 3.8.0
Libtiff Libtiff 3.8.1
447
VMScore
CVE-2010-2443
The OJPEGReadBufferFill function in tif_ojpeg.c in LibTIFF prior to 3.9.3 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via an OJPEG image with undefined strip offsets, related to the TIFFVGetField function.
Libtiff Libtiff 3.5.5
Libtiff Libtiff 3.9
Libtiff Libtiff 3.5.6
Libtiff Libtiff 3.8.1
Libtiff Libtiff 3.8.2
Libtiff Libtiff 3.4
Libtiff Libtiff 3.5.7
Libtiff Libtiff 3.7.0
Libtiff Libtiff 3.7.2
Libtiff Libtiff 3.5.1
Libtiff Libtiff 3.5.2
Libtiff Libtiff 3.6.1
Libtiff Libtiff
Libtiff Libtiff 3.6.0
Libtiff Libtiff 3.9.0
Libtiff Libtiff 3.9.1
Libtiff Libtiff 3.5.3
Libtiff Libtiff 3.5.4
Libtiff Libtiff 3.7.1
Libtiff Libtiff 3.8.0
Libtiff Libtiff 3.7.3
Libtiff Libtiff 3.7.4
384
VMScore
CVE-2010-2481
The TIFFExtractData macro in LibTIFF prior to 3.9.4 does not properly handle unknown tag types in TIFF directory entries, which allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF file.
Libtiff Libtiff 3.4
Libtiff Libtiff 3.7.0
Libtiff Libtiff 3.6.0
Libtiff Libtiff 3.6.1
Libtiff Libtiff 3.8.0
Libtiff Libtiff 3.7.3
Libtiff Libtiff
Libtiff Libtiff 3.8.1
Libtiff Libtiff 3.5.7
Libtiff Libtiff 3.8.2
Libtiff Libtiff 3.7.2
Libtiff Libtiff 3.5.3
Libtiff Libtiff 3.7.1
Libtiff Libtiff 3.5.4
Libtiff Libtiff 3.5.2
Libtiff Libtiff 3.9.2
Libtiff Libtiff 3.7.4
Libtiff Libtiff 3.5.5
Libtiff Libtiff 3.9.0
Libtiff Libtiff 3.5.6
Libtiff Libtiff 3.5.1
Libtiff Libtiff 3.9.1
435
VMScore
CVE-2010-2482
LibTIFF 3.9.4 and previous versions does not properly handle an invalid td_stripbytecount field, which allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted TIFF file, a different vulnerability than CVE-2010-2443...
Libtiff Libtiff 3.4
Libtiff Libtiff 3.7.0
Libtiff Libtiff 3.6.0
Libtiff Libtiff 3.6.1
Libtiff Libtiff 3.8.0
Libtiff Libtiff 3.7.3
Libtiff Libtiff 3.8.1
Libtiff Libtiff 3.9.3
Libtiff Libtiff 3.5.7
Libtiff Libtiff 3.8.2
Libtiff Libtiff 3.7.2
Libtiff Libtiff 3.5.3
Libtiff Libtiff 3.7.1
Libtiff Libtiff 3.5.4
Libtiff Libtiff 3.5.2
Libtiff Libtiff
Libtiff Libtiff 3.9.2
Libtiff Libtiff 3.7.4
Libtiff Libtiff 3.5.5
Libtiff Libtiff 3.9.0
Libtiff Libtiff 3.5.6
Libtiff Libtiff 3.5.1
1 EDB exploit
605
VMScore
CVE-2011-1167
Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and previous versions allows remote malicious users to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value.
Libtiff Libtiff 3.4
Libtiff Libtiff 3.7.0
Libtiff Libtiff 3.6.0
Libtiff Libtiff 3.6.1
Libtiff Libtiff 3.8.0
Libtiff Libtiff 3.7.3
Libtiff Libtiff 3.8.1
Libtiff Libtiff 3.9.3
Libtiff Libtiff 3.5.7
Libtiff Libtiff 3.8.2
Libtiff Libtiff 3.7.2
Libtiff Libtiff 3.9.2-5.2.1
Libtiff Libtiff 3.5.3
Libtiff Libtiff 3.7.1
Libtiff Libtiff 3.5.4
Libtiff Libtiff 3.5.2
Libtiff Libtiff
Libtiff Libtiff 3.9.2
Libtiff Libtiff 3.7.4
Libtiff Libtiff 3.5.5
Libtiff Libtiff 3.9.0
Libtiff Libtiff 3.5.6
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »