Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libtiff vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2017-7602
LibTIFF 4.0.7 has a signed integer overflow, which might allow remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
Libtiff Libtiff 4.0.7
1 Github repository
2.1
CVSSv2
CVE-2006-2120
The TIFFToRGB function in libtiff prior to 3.8.1 allows remote malicious users to cause a denial of service (crash) via a crafted TIFF image with Yr/Yg/Yb values that exceed the YCR/YCG/YCB values, which triggers an out-of-bounds read.
Libtiff Libtiff 3.8.1
NA
CVE-2023-26966
libtiff 4.5.0 is vulnerable to Buffer Overflow in uv_encode() when libtiff reads a corrupted little-endian TIFF file and specifies the output to be big-endian.
Libtiff Libtiff 4.5.0
5
CVSSv2
CVE-2017-12944
The TIFFReadDirEntryArray function in tif_read.c in LibTIFF 4.0.8 mishandles memory allocation for short files, which allows remote malicious users to cause a denial of service (allocation failure and application crash) in the TIFFFetchStripThing function in tif_dirread.c during ...
Libtiff Libtiff 4.0.8
4.3
CVSSv2
CVE-2017-13726
There is a reachable assertion abort in the function TIFFWriteDirectorySec() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack.
Libtiff Libtiff 4.0.8
4.3
CVSSv2
CVE-2017-13727
There is a reachable assertion abort in the function TIFFWriteDirectoryTagSubifd() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack.
Libtiff Libtiff 4.0.8
NA
CVE-2020-18768
There exists one heap buffer overflow in _TIFFmemcpy in tif_unix.c in libtiff 4.0.10, which allows an malicious user to cause a denial-of-service through a crafted tiff file.
Libtiff Libtiff 4.0.10
6.8
CVSSv2
CVE-2017-17973
In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. NOTE: there is a third-party report of inability to reproduce this issue
Libtiff Libtiff 4.0.8
7.5
CVSSv2
CVE-2016-9539
tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in readContigTilesIntoBuffer(). Reported as MSVR 35092.
Libtiff Libtiff 4.0.6
4.3
CVSSv2
CVE-2017-11613
In LibTIFF 4.0.8, there is a denial of service vulnerability in the TIFFOpen function. A crafted input will lead to a denial of service attack. During the TIFFOpen process, td_imagelength is not checked. The value of td_imagelength can be directly controlled by an input file. In ...
Libtiff Libtiff 4.0.8
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »