Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libtiff vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-17795
The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 and previous versions allows remote malicious users to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CVE-...
Libtiff Libtiff 4.0.9
8.8
CVSSv3
CVE-2017-17095
tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote malicious users to cause a denial of service (TIFFSetupStrips heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file.
Libtiff Libtiff 4.0.9
1 EDB exploit
5.5
CVSSv3
CVE-2020-18768
There exists one heap buffer overflow in _TIFFmemcpy in tif_unix.c in libtiff 4.0.10, which allows an malicious user to cause a denial-of-service through a crafted tiff file.
Libtiff Libtiff 4.0.10
NA
CVE-2012-1173
Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow remote malicious users to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the (1) gtTileSeparate or (2) gtStripSeparate function, leading to a heap-based buffer ov...
Libtiff Libtiff 3.9.4
8.8
CVSSv3
CVE-2017-5563
LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff.
Libtiff Libtiff 4.0.7
8.8
CVSSv3
CVE-2017-11335
There is a heap based buffer overflow in tools/tiff2pdf.c of LibTIFF 4.0.8 via a PlanarConfig=Contig image, which causes a more than one hundred bytes out-of-bounds write (related to the ZIPDecode function in tif_zip.c). A crafted input may lead to a remote denial of service atta...
Libtiff Libtiff 4.0.8
NA
CVE-2006-2120
The TIFFToRGB function in libtiff prior to 3.8.1 allows remote malicious users to cause a denial of service (crash) via a crafted TIFF image with Yr/Yg/Yb values that exceed the YCR/YCG/YCB values, which triggers an out-of-bounds read.
Libtiff Libtiff 3.8.1
5.5
CVSSv3
CVE-2017-7594
The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in LibTIFF 4.0.7 allows remote malicious users to cause a denial of service (memory leak) via a crafted image.
Libtiff Libtiff 4.0.7
7.5
CVSSv3
CVE-2017-12944
The TIFFReadDirEntryArray function in tif_read.c in LibTIFF 4.0.8 mishandles memory allocation for short files, which allows remote malicious users to cause a denial of service (allocation failure and application crash) in the TIFFFetchStripThing function in tif_dirread.c during ...
Libtiff Libtiff 4.0.8
9.8
CVSSv3
CVE-2017-5225
LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value.
Libtiff Libtiff 4.0.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »