LibTIFF could be made to crash or run programs as your login if it opened a
specially crafted file ...
LibTIFF could be made to crash or run programs as your login if it opened a
specially crafted file ...
Multiple vulnerabilities have been discovered in the libtiff library
and the included tools tiff2rgba, rgb2ycbcr, tiffcp, tiffcrop, tiff2pdf
and tiffsplit, which may result in denial of service, memory disclosure
or the execution of arbitrary code
There were additional vulnerabilities in the tools bmp2tiff, gif2tiff,
thumbnail and ras2tiff, but si ...
The rgb2ycbcr tool in LibTIFF 406 and earlier allows remote attackers to cause a denial of service (divide-by-zero) by setting the (1) v or (2) h parameter to 0 ...
Debian Bug report logs -
#820362
tiff: CVE-2016-3619: Memory corruption in DumpModeEncode triggered by crafted bmp file
Package:
src:tiff;
Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 7 Apr 2016 18:51:02 UTC
Severity: important ...
Debian Bug report logs -
#842361
CVE-2016-5652: heap based buffer overflow in tiff2pdf
Package:
tiff;
Maintainer for tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Raphael Hertzog <hertzog@debianorg>
Date: Fri, 28 Oct 2016 12:42:05 UTC
Severity: important
Tags: fixed-upstream, patch, security, upstr ...
Debian Bug report logs -
#820363
tiff: CVE-2016-3620: Out-of-bound read in ZIPEncode
Package:
src:tiff;
Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 7 Apr 2016 18:51:06 UTC
Severity: important
Tags: security, upstream
Found in ...
Debian Bug report logs -
#819972
tiff: CVE-2016-3186: buffer overflow in gif2tiff
Package:
src:tiff;
Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 4 Apr 2016 12:51:02 UTC
Severity: important
Tags: security, upstream, wontfix
Fo ...
Debian Bug report logs -
#842046
Multiple CVE: Remove tools dropped by upstream
Package:
tiff;
Maintainer for tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Raphael Hertzog <hertzog@debianorg>
Date: Tue, 25 Oct 2016 14:00:02 UTC
Severity: important
Tags: security
Found in version 402-6
Fixed in v ...
Debian Bug report logs -
#842270
CVE-2016-6223: information leak in libtiff/tif_readc
Package:
tiff;
Maintainer for tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Raphael Hertzog <hertzog@debianorg>
Date: Thu, 27 Oct 2016 14:30:01 UTC
Severity: important
Tags: fixed-upstream, patch, security, upstr ...
Debian Bug report logs -
#820364
tiff: CVE-2016-3621: Out-of-bounds Read in the bmp2tiff tool
Package:
src:tiff;
Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 7 Apr 2016 18:51:11 UTC
Severity: important
Tags: security, upstream
...
Debian Bug report logs -
#820366
tiff: CVE-2016-3631: Illegal read in the cpStrips and cpTiles function
Package:
src:tiff;
Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 7 Apr 2016 18:54:02 UTC
Severity: important
Tags: fixed-ups ...
Division by zero vulnerability was found in cvtRaster function in rgb2ycybrc, allowing attacker to cause a denial of service via a crafted TIFF image ...
Vulmon