Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libtiff vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2017-7595
The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote malicious users to cause a denial of service (divide-by-zero error and application crash) via a crafted image.
Libtiff Libtiff 4.0.7
6.5
CVSSv3
CVE-2016-3619
The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff tool in LibTIFF 4.0.6 and previous versions, when the "-c none" option is used, allows remote malicious users to cause a denial of service (buffer over-read) via a crafted BMP image.
Libtiff Libtiff 4.0.6
6.5
CVSSv3
CVE-2016-3622
The fpAcc function in tif_predict.c in the tiff2rgba tool in LibTIFF 4.0.6 and previous versions allows remote malicious users to cause a denial of service (divide-by-zero error) via a crafted TIFF image.
Libtiff Libtiff 4.0.6
7.8
CVSSv3
CVE-2016-10271
tools/tiffcrop.c in LibTIFF 4.0.7 allows remote malicious users to cause a denial of service (heap-based buffer over-read and buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 1" and libtiff/tif_fax3.c:413:13.
Libtiff Libtiff 4.0.7
7.5
CVSSv3
CVE-2017-10688
In LibTIFF 4.0.8, there is a assertion abort in the TIFFWriteDirectoryTagCheckedLong8Array function in tif_dirwrite.c. A crafted input will lead to a remote denial of service attack.
Libtiff Libtiff 4.0.8
1 EDB exploit
7.5
CVSSv3
CVE-2017-12944
The TIFFReadDirEntryArray function in tif_read.c in LibTIFF 4.0.8 mishandles memory allocation for short files, which allows remote malicious users to cause a denial of service (allocation failure and application crash) in the TIFFFetchStripThing function in tif_dirread.c during ...
Libtiff Libtiff 4.0.8
6.5
CVSSv3
CVE-2017-13726
There is a reachable assertion abort in the function TIFFWriteDirectorySec() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack.
Libtiff Libtiff 4.0.8
6.5
CVSSv3
CVE-2017-13727
There is a reachable assertion abort in the function TIFFWriteDirectoryTagSubifd() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack.
Libtiff Libtiff 4.0.8
7.8
CVSSv3
CVE-2017-7600
LibTIFF 4.0.7 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
Libtiff Libtiff 4.0.7
8.8
CVSSv3
CVE-2017-17095
tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote malicious users to cause a denial of service (TIFFSetupStrips heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file.
Libtiff Libtiff 4.0.9
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »