Download
| Alert*
oval:org.secpod.oval:def:701695
libtiff4 is installed oval:org.secpod.oval:def:702489 tiff: Tag Image File Format library Details: USN-2553-1 fixed vulnerabilities in LibTIFF. One of the security fixes caused a regression when saving certain TIFF files with a Predictor tag. The problematic patch has been temporarily backed out until a more complete fix is available. We apologize for ... oval:org.secpod.oval:def:701099 tiff: Tag Image File Format library Programs that use LibTIFF could be made to crash or run programs if they opened a specially crafted file. oval:org.secpod.oval:def:600929 The tiff library for handling TIFF image files contained a stack-based buffer overflow, potentially allowing attackers who can submit such files to a vulnerable system to execute arbitrary code. oval:org.secpod.oval:def:600916 It was discovered that ppm2tiff of the tiff tools, a set of utilities for TIFF manipulation and conversion, is not properly checking the return value of an internal function used in order to detect integer overflows. As a consequence, ppm2tiff suffers of a heap-based buffer overflow. This allows att ... oval:org.secpod.oval:def:701071 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:600902 It was discovered that a buffer overflow in libtiff"s parsing of files using PixarLog compression could lead to the execution of arbitrary code. oval:org.secpod.oval:def:600893 Several vulnerabilities were discovered in Tiff, a library set and tools to support the Tag Image File Format , allowing denial of service and potential privilege escalation. These vulnerabilities can be exploited via a specially crafted TIFF image. CVE-2012-2113 The tiff2pdf utility has an integer ... oval:org.secpod.oval:def:600773 Alexander Gavrun discovered an integer overflow in the TIFF library in the parsing of the TileSize entry, which could result in the execution of arbitrary code if a malformed image is opened. oval:org.secpod.oval:def:600565 Tavis Ormandy discovered that the Tag Image File Format library is vulnerable to a buffer overflow triggered by a crafted OJPEG file which allows for a crash and potentially execution of arbitrary code. The oldstable distribution is not affected by this problem. oval:org.secpod.oval:def:600575 The recent tiff update DSA-2210-1 introduced a regression that could lead to encoding problems of tiff files. This update fixes this problem . For reference, the description of the original DSA, which fixed CVE-2011-0191 CVE-2011-0192 CVE-2011-1167 CVE-2011-0191 A buffer overflow allows to execute a ... oval:org.secpod.oval:def:600561 Several vulnearbilities were discovered in the TIFF manipulation and conversion library: CVE-2011-0191 A buffer overflow allows to execute arbitrary code or cause a denial of service via a crafted TIFF image with JPEG encoding. This issue affects the Debian 5.0 Lenny package only. CVE-2011-0192 A bu ... oval:org.secpod.oval:def:601058 Multiple issues were discovered in the TIFF tools, a set of utilities for TIFF image file manipulation and conversion. CVE-2013-1960 Emmanuel Bouillon discovered a heap-based buffer overflow in the tp_process_jpeg_strip function in the tiff2pdf tool. This could potentially lead to a crash or arbitra ... oval:org.secpod.oval:def:701935 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701289 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:703038 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700929 tiff: Tag Image File Format library The TIFF library could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:600574 Several vulnerabilities were discovered in PHP, which could lead to denial of service or potentially the execution of arbitrary code. CVE-2010-2531 An information leak was found in the var_export function. CVE-2011-0421 The Zip module could crash. CVE-2011-0708 An integer overflow was discovered in ... oval:org.secpod.oval:def:702486 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. |