Download
| Alert*
oval:org.secpod.oval:def:1800291
CVE-2017-7592: Left shift of unsigned char without a cast. The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted image. oval:org.secpod.oval:def:1800891 CVE-2017-7592: Left shift of unsigned char without a cast; The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted image. oval:org.secpod.oval:def:89044645 This update for tiff to version 4.0.8 fixes a several bugs and security issues: These security issues were fixed: - CVE-2017-7595: The JPEGSetupEncode function allowed remote attackers to cause a denial of service via a crafted image . - CVE-2016-10371: The TIFFWriteDirectoryTagCheckedRational func ... oval:org.secpod.oval:def:112257 The libtiff package contains a library of functions for manipulating TIFF image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF f ... oval:org.secpod.oval:def:1800379 CVE-2017-7592: Left shift of unsigned char without a cast The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted image. oval:org.secpod.oval:def:602867 Multiple vulnerabilities have been discovered in the libtiff library and the included tools, which may result in denial of service, memory disclosure or the execution of arbitrary code. oval:org.secpod.oval:def:89002535 This update for tiff fixes the following issues: Security issues fixed: - CVE-2016-5315: The setByteArray function in tif_dir.c allowed remote attackers to cause a denial of service via a crafted tiff image. - CVE-2016-10267: LibTIFF allowed remote attackers to cause a denial of service via a cra ... oval:org.secpod.oval:def:704020 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:2101461 LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted TIFF image to the (1) checkInkNamesString function in tif_dir.c in the thumbnail tool, (2) compresscontig function in tiff2bw.c in the tiff2bw tool, (3) putcontig8bitCIELab function in tif ... oval:org.secpod.oval:def:52016 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:2101457 Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted GIF file. |