CVE-2017-9147

LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file ...

Multiple vulnerabilities have been discovered in the libtiff library and the included tools, which may result in denial of service or the execution of arbitrary code For the oldstable distribution (jessie), these problems have been fixed in version 403-123+deb8u4 For the stable distribution (stretch), these problems have been fixed in version ...

Debian Bug report logs - #866113 tiff: CVE-2017-9936: Memory leak in tif_jbigc can lead to DoS Package: src:tiff; Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 27 Jun 2017 12:42:02 UTC Severity: important Tags: fixed-upstream, p ...

Debian Bug report logs - #866611 tiff: CVE-2017-10688 Package: src:tiff; Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 30 Jun 2017 13:57:01 UTC Severity: important Tags: security, upstream Found in version tiff/408-2 Fixed in ...

Debian Bug report logs - #863185 tiff: CVE-2017-9147: Out of bound read in _TIFFVGetField Package: src:tiff; Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 23 May 2017 04:54:02 UTC Severity: important Tags: fixed-upstream, securit ...

Debian Bug report logs - #850316 tiff: CVE-2016-10095: stack-based buffer overflow in _TIFFVGetField (tif_dirc) Package: src:tiff; Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 5 Jan 2017 20:36:09 UTC Severity: important Tags: ...

LibTIFF 407 has an invalid read in the _TIFFVGetField function in tif_dirc, which might allow remote attackers to cause a denial of service (crash) via a crafted TIFF file ...