CVE-2017-7593

LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file ...

Debian Bug report logs - #859998 tiff: CVE-2017-7592 Package: src:tiff; Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 10 Apr 2017 06:18:02 UTC Severity: important Tags: fixed-upstream, security, upstream Found in version tiff/4 ...

Debian Bug report logs - #860000 tiff: CVE-2017-7593 Package: src:tiff; Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 10 Apr 2017 06:21:05 UTC Severity: important Tags: fixed-upstream, security, upstream Found in version tiff/4 ...

Debian Bug report logs - #860003 tiff: CVE-2017-7595 Package: src:tiff; Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 10 Apr 2017 06:45:02 UTC Severity: important Tags: security, upstream Found in version tiff/407-5 Fixed in v ...

Debian Bug report logs - #860001 tiff: CVE-2017-7594 Package: src:tiff; Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 10 Apr 2017 06:21:07 UTC Severity: important Tags: fixed-upstream, security, upstream Found in version tiff/4 ...

tif_readc in LibTIFF 407 does not ensure that tif_rawdata is properly initialized, which might allow remote attackers to obtain sensitive information from process memory via a crafted image ...

A security issue has been found in libtiff < 407, where a crafted tiff image can cause a unitialized-memory access in tif_rawdata(), leading to information leakage ...