Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libtiff vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2016-3633
The setrow function in the thumbnail tool in LibTIFF 4.0.6 and previous versions allows remote malicious users to cause a denial of service (out-of-bounds read) via vectors related to the src variable.
Libtiff Libtiff
7.5
CVSSv3
CVE-2016-3634
The tagCompare function in tif_dirinfo.c in the thumbnail tool in LibTIFF 4.0.6 and previous versions allows remote malicious users to cause a denial of service (out-of-bounds read) via vectors related to field_tag matching.
Libtiff Libtiff
5.5
CVSSv3
CVE-2023-0796
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing malicious users to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
Libtiff Libtiff
5.5
CVSSv3
CVE-2023-0804
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing malicious users to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
Libtiff Libtiff
6.5
CVSSv3
CVE-2017-9937
In LibTIFF 4.0.8, there is a memory malloc failure in tif_jbig.c. A crafted TIFF document can lead to an abort resulting in a remote denial of service attack.
Libtiff Libtiff
6.1
CVSSv3
CVE-2023-1916
A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c, resulting in a denial of service and limited information disclosure. This issue aff...
Libtiff Libtiff
NA
CVE-2012-1173
Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow remote malicious users to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the (1) gtTileSeparate or (2) gtStripSeparate function, leading to a heap-based buffer ov...
Libtiff Libtiff 3.9.4
6.5
CVSSv3
CVE-2016-3619
The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff tool in LibTIFF 4.0.6 and previous versions, when the "-c none" option is used, allows remote malicious users to cause a denial of service (buffer over-read) via a crafted BMP image.
Libtiff Libtiff 4.0.6
6.5
CVSSv3
CVE-2016-3622
The fpAcc function in tif_predict.c in the tiff2rgba tool in LibTIFF 4.0.6 and previous versions allows remote malicious users to cause a denial of service (divide-by-zero error) via a crafted TIFF image.
Libtiff Libtiff 4.0.6
5.5
CVSSv3
CVE-2023-30775
A vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits, tiffcrop.c.
Libtiff Libtiff 4.4.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »