CVE-2017-18013

Published: 01/01/2018 Updated: 28/03/2018
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 384
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash.

Vulnerable Product

libtiff libtiff 4.0.9

Vendor Advisories

Multiple vulnerabilities have been discovered in the libtiff library and the included tools, which may result in denial of service or the execution of arbitrary code. For the oldstable distribution (jessie), these problems have been fixed in version 4.0.3-12.3+deb8u5. For the stable distribution (stretch), these problems have been fixed in version ...
Debian Bug report logs - #885985 tiff: CVE-2017-18013: NULL Pointer Dereference. Package: src:tiff; Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Mon, 1 Jan 2018 10:06:01 UTC; Severity: important; Tags: patch, security, upstream; Found ...
Debian Bug report logs - #891288 tiff: CVE-2018-7456: null pointer dereference. Package: src:tiff; Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Sat, 24 Feb 2018 09:27:02 UTC; Severity: important; Tags: fixed-upstream, security, upstream ...
Debian Bug report logs - #866109 tiff: CVE-2017-9935: Heap-based buffer overflow in t2p_write_pdf. Package: src:tiff; Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Tue, 27 Jun 2017 12:21:01 UTC; Severity: grave; Tags: fixed-upstream, sec ...
LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file ...
LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file ...
In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash ...
A null-pointer dereference issue has been found in libtiff before 4.0.10, in the TIFFPrintDirectory() function in tiffinfo.c, while parsing the "1 Strips: " section of a crafted image, as demonstrated by a tiffinfo tool crash ...