LibTIFF could be made to crash or run programs as your login if it opened a
specially crafted file ...
Multiple flaws have been discovered in libtiff A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an application linked against libtiff into processing specially crafted files (CVE-2014-9655, CVE-2015-1547, CVE-2015-8784, CVE-2015-8683, CVE-2015-8665, CVE-2015-8781, ...
Multiple flaws have been discovered in libtiff A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an application linked against libtiff into processing specially crafted files (CVE-2014-9655, CVE-2015-1547, CVE-2015-8784, CVE-2015-8683, CVE-2015-8665, CVE-2015-8781, ...
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER ConsultIDs: CVE-2016-5314 Reason: This candidate is a reservation duplicate of CVE-2016-5314 Notes: All CVE users should reference CVE-2016-5314 instead of this candidate All references and descriptions in this candidate have been removed to prevent accidental usage ...
Debian Bug report logs -
#830700
CVE-2016-5314: tiff: PixarLogDecode() heap-based buffer overflow
Package:
tiff;
Maintainer for tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Henri Salo <henri@nervfi>
Date: Sun, 10 Jul 2016 14:57:02 UTC
Severity: grave
Tags: fixed-upstream, security, upstream
Found ...
Debian Bug report logs -
#820362
tiff: CVE-2016-3619: Memory corruption in DumpModeEncode triggered by crafted bmp file
Package:
src:tiff;
Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 7 Apr 2016 18:51:02 UTC
Severity: important ...
Debian Bug report logs -
#842361
CVE-2016-5652: heap based buffer overflow in tiff2pdf
Package:
tiff;
Maintainer for tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Raphael Hertzog <hertzog@debianorg>
Date: Fri, 28 Oct 2016 12:42:05 UTC
Severity: important
Tags: fixed-upstream, patch, security, upstr ...
Debian Bug report logs -
#820363
tiff: CVE-2016-3620: Out-of-bound read in ZIPEncode
Package:
src:tiff;
Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 7 Apr 2016 18:51:06 UTC
Severity: important
Tags: security, upstream
Found in ...
Debian Bug report logs -
#819972
tiff: CVE-2016-3186: buffer overflow in gif2tiff
Package:
src:tiff;
Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 4 Apr 2016 12:51:02 UTC
Severity: important
Tags: security, upstream, wontfix
Fo ...
Debian Bug report logs -
#842046
Multiple CVE: Remove tools dropped by upstream
Package:
tiff;
Maintainer for tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Raphael Hertzog <hertzog@debianorg>
Date: Tue, 25 Oct 2016 14:00:02 UTC
Severity: important
Tags: security
Found in version 402-6
Fixed in v ...
Debian Bug report logs -
#842270
CVE-2016-6223: information leak in libtiff/tif_readc
Package:
tiff;
Maintainer for tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Raphael Hertzog <hertzog@debianorg>
Date: Thu, 27 Oct 2016 14:30:01 UTC
Severity: important
Tags: fixed-upstream, patch, security, upstr ...
Debian Bug report logs -
#820364
tiff: CVE-2016-3621: Out-of-bounds Read in the bmp2tiff tool
Package:
src:tiff;
Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 7 Apr 2016 18:51:11 UTC
Severity: important
Tags: security, upstream
...
Debian Bug report logs -
#820366
tiff: CVE-2016-3631: Illegal read in the cpStrips and cpTiles function
Package:
src:tiff;
Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 7 Apr 2016 18:54:02 UTC
Severity: important
Tags: fixed-ups ...
An out-of-bounds write vulnerability was found in the PixarLogDecode() function in libtiff A maliciously crafted TIFF file could cause the application to crash or even execute arbitrary code on a vulnerable machine when using the rgb2ycbcr command ...