LibTIFF could be made to crash or run programs as your login if it opened a
specially crafted file ...
LibTIFF could be made to crash or run programs as your login if it opened a
specially crafted file ...
Multiple vulnerabilities have been discovered in the libtiff library
and the included tools tiff2rgba, rgb2ycbcr, tiffcp, tiffcrop, tiff2pdf
and tiffsplit, which may result in denial of service, memory disclosure
or the execution of arbitrary code
There were additional vulnerabilities in the tools bmp2tiff, gif2tiff,
thumbnail and ras2tiff, but si ...
Multiple flaws have been discovered in libtiff A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an application linked against libtiff into processing specially crafted files (CVE-2014-9655, CVE-2015-1547, CVE-2015-8784, CVE-2015-8683, CVE-2015-8665, CVE-2015-8781, ...
Multiple flaws have been discovered in libtiff A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an application linked against libtiff into processing specially crafted files (CVE-2014-9655, CVE-2015-1547, CVE-2015-8784, CVE-2015-8683, CVE-2015-8665, CVE-2015-8781, ...
Heap-based buffer overflow in the horizontalDifference8 function in tif_pixarlogc in LibTIFF 406 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image to tiffcp ...
Debian Bug report logs -
#820365
tiff: CVE-2016-3622: Division by zero in fpAcc function
Package:
src:tiff;
Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 7 Apr 2016 18:51:15 UTC
Severity: important
Tags: security, upstream
Foun ...
Debian Bug report logs -
#800124
tiff: CVE-2015-7313: OOM when parsing crafted tiff files
Package:
src:tiff;
Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sun, 27 Sep 2015 06:42:02 UTC
Severity: important
Tags: security, upstream
Fou ...
Debian Bug report logs -
#844013
tiff: CVE-2016-9273
Package:
src:tiff;
Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 11 Nov 2016 19:51:01 UTC
Severity: grave
Tags: fixed-upstream, patch, security, upstream
Found in versions tif ...
Debian Bug report logs -
#844226
tiff: CVE-2016-9297: potential read outside buffer in _TIFFPrintField()
Package:
src:tiff;
Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sun, 13 Nov 2016 16:09:04 UTC
Severity: normal
Tags: fixed-upstr ...
Debian Bug report logs -
#820362
tiff: CVE-2016-3619: Memory corruption in DumpModeEncode triggered by crafted bmp file
Package:
src:tiff;
Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 7 Apr 2016 18:51:02 UTC
Severity: important ...
Debian Bug report logs -
#842361
CVE-2016-5652: heap based buffer overflow in tiff2pdf
Package:
tiff;
Maintainer for tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Raphael Hertzog <hertzog@debianorg>
Date: Fri, 28 Oct 2016 12:42:05 UTC
Severity: important
Tags: fixed-upstream, patch, security, upstr ...
Debian Bug report logs -
#820363
tiff: CVE-2016-3620: Out-of-bound read in ZIPEncode
Package:
src:tiff;
Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 7 Apr 2016 18:51:06 UTC
Severity: important
Tags: security, upstream
Found in ...
Debian Bug report logs -
#819972
tiff: CVE-2016-3186: buffer overflow in gif2tiff
Package:
src:tiff;
Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 4 Apr 2016 12:51:02 UTC
Severity: important
Tags: security, upstream, wontfix
Fo ...
Debian Bug report logs -
#842046
Multiple CVE: Remove tools dropped by upstream
Package:
tiff;
Maintainer for tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Raphael Hertzog <hertzog@debianorg>
Date: Tue, 25 Oct 2016 14:00:02 UTC
Severity: important
Tags: security
Found in version 402-6
Fixed in v ...
Debian Bug report logs -
#842270
CVE-2016-6223: information leak in libtiff/tif_readc
Package:
tiff;
Maintainer for tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Raphael Hertzog <hertzog@debianorg>
Date: Thu, 27 Oct 2016 14:30:01 UTC
Severity: important
Tags: fixed-upstream, patch, security, upstr ...
Debian Bug report logs -
#820364
tiff: CVE-2016-3621: Out-of-bounds Read in the bmp2tiff tool
Package:
src:tiff;
Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 7 Apr 2016 18:51:11 UTC
Severity: important
Tags: security, upstream
...
Debian Bug report logs -
#820366
tiff: CVE-2016-3631: Illegal read in the cpStrips and cpTiles function
Package:
src:tiff;
Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 7 Apr 2016 18:54:02 UTC
Severity: important
Tags: fixed-ups ...
An out-of-bounds write flaw was found in libtiff v406 when using tiffcp command to handle malicious tiff file The vulnerability exists in the function horizontalDifference8() An attacker could control the head data of next heap which contains pre_size field and size filed to result in denial of service or arbitrary code execution ...
Vulmon