Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libtiff libtiff vulnerabilities and exploits
(subscribe to this query)
454
VMScore
CVE-2004-1183
Integer overflow in the tiffdump utility for libtiff 3.7.1 and previous versions allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF file.
Libtiff Libtiff 3.5.6
Libtiff Libtiff 3.5.7
Libtiff Libtiff 3.5.1
Libtiff Libtiff 3.5.2
Libtiff Libtiff 3.5.3
Libtiff Libtiff 3.7.0
Libtiff Libtiff 3.7.1
Libtiff Libtiff 3.4
Libtiff Libtiff 3.6.0
Libtiff Libtiff 3.6.1
Libtiff Libtiff 3.5.4
Libtiff Libtiff 3.5.5
890
VMScore
CVE-2004-1308
Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff 3.5.7 and 3.7.0 allows remote malicious users to execute arbitrary code via a TIFF file containing a TIFF_ASCII or TIFF_UNDEFINED directory entry with a -1 entry count, which leads to a heap-based buffer overflo...
Libtiff Libtiff 3.4
Libtiff Libtiff 3.6.0
Libtiff Libtiff 3.6.1
Libtiff Libtiff 3.7.0
Libtiff Libtiff 3.5.3
Libtiff Libtiff 3.5.4
Libtiff Libtiff 3.5.5
Libtiff Libtiff 3.5.7
Libtiff Libtiff 3.5.1
Libtiff Libtiff 3.5.2
828
VMScore
CVE-2009-2347
Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 up to and including 3.8.2, 3.9, and 4.0 allow context-dependent malicious users to execute arbitrary code via a TIFF image with large (1) width and (2) height values, which triggers a heap-based buff...
Libtiff Libtiff 3.8.0
Libtiff Libtiff 3.8.1
Libtiff Libtiff 3.9
Libtiff Libtiff 4.0
Libtiff Libtiff 3.8.2
445
VMScore
CVE-2005-2452
libtiff up to 3.7.0 allows remote malicious users to cause a denial of service (application crash) via a TIFF image header with a zero "YCbCr subsampling" value, which causes a divide-by-zero error in (1) tif_strip.c and (2) tif_tile.c, a different vulnerability than CV...
Libtiff Libtiff 3.5.7
Libtiff Libtiff 3.6.1
Libtiff Libtiff 3.5.5
668
VMScore
CVE-2010-2233
tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not properly perform vertical flips, which allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF image, relat...
Libtiff Libtiff 3.9.2
Libtiff Libtiff 3.9.0
383
VMScore
CVE-2010-2595
The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote malicious users to cause a denial of service (application crash) via a crafted TIFF image that triggers an array index ...
Libtiff Libtiff 3.9.0
Libtiff Libtiff 3.9.2
383
VMScore
CVE-2010-2596
The OJPEGPostDecode function in tif_ojpeg.c in LibTIFF 3.9.0 and 3.9.2, as used in tiff2ps, allows remote malicious users to cause a denial of service (assertion failure and application exit) via a crafted TIFF image, related to "downsampled OJPEG input."
Libtiff Libtiff 3.9.0
Libtiff Libtiff 3.9.2
385
VMScore
CVE-2010-2597
The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote malicious users to cause a denial of service (application crash) via a crafted TIFF image, related to "downsampled OJPEG input" ...
Libtiff Libtiff 3.9.0
Libtiff Libtiff 3.9.2
383
VMScore
CVE-2004-0804
Vulnerability in tif_dirread.c for libtiff allows remote malicious users to cause a denial of service (application crash) via a TIFF image that causes a divide-by-zero error when the number of row bytes is zero, a different vulnerability than CVE-2005-2452.
Libtiff Libtiff
NA
CVE-2023-1916
A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c, resulting in a denial of service and limited information disclosure. This issue aff...
Libtiff Libtiff
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »