Multiple vulnerabilities in libtiff prior to 3.8.1 allow context-dependent malicious users to cause a denial of service via a TIFF image that triggers errors in (1) the TIFFFetchAnyArray function in (a) tif_dirread.c; (2) certain "codec cleanup methods" in (b) tif_lzw.c, (c) tif_pixarlog.c, and (d) tif_zip.c; (3) and improper restoration of setfield and getfield methods in cleanup functions within (e) tif_jpeg.c, tif_pixarlog.c, (f) tif_fax3.c, and tif_zip.c.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
libtiff libtiff 3.5.6 |
||
libtiff libtiff 3.5.7 |
||
libtiff libtiff 3.5.4 |
||
libtiff libtiff 3.5.5 |
||
libtiff libtiff |
||
libtiff libtiff 3.4 |
||
libtiff libtiff 3.6.0 |
||
libtiff libtiff 3.6.1 |
||
libtiff libtiff 3.5.1 |
||
libtiff libtiff 3.5.2 |
||
libtiff libtiff 3.5.3 |
||
libtiff libtiff 3.7.0 |
||
libtiff libtiff 3.7.1 |
Vulmon