Download
| Alert*
|
oval:org.secpod.oval:def:702486
tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:602114 William Robinet and Michal Zalewski discovered multiple vulnerabilities in the TIFF library and its tools, which may result in denial of service or the execution of arbitrary code if a malformed TIFF file is processed. oval:org.secpod.oval:def:52440 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:89045438 tiff was updated to fix six security issues found by fuzzing initiatives. These security issues were fixed: - CVE-2014-8127: Out-of-bounds write . - CVE-2014-8128: Out-of-bounds write . - CVE-2014-8129: Out-of-bounds write . - CVE-2014-8130: Out-of-bounds write . - CVE-2014-9655: Access of uninitial ... oval:org.secpod.oval:def:25256 The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.3 and is prone to an arbitrary code execution vulnerability. A flaw is present in libtiff, which fails to handle unspecified vectors. Successful exploitation allows attackers to arbitrary code execution. oval:org.secpod.oval:def:24751 The host is installed with libtiff on RHEL 5, 6 or 7 and is prone to multiple out-of-bounds read vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:25312 The host is missing a security update according to Apple advisory, APPLE-SA-2015-06-30-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a crafted vectors. Successful exploitation leads to information disclosure, security bypas ... oval:org.secpod.oval:def:2101461 LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted TIFF image to the (1) checkInkNamesString function in tif_dir.c in the thumbnail tool, (2) compresscontig function in tiff2bw.c in the tiff2bw tool, (3) putcontig8bitCIELab function in tif ... oval:org.secpod.oval:def:89043844 This update for tiff fixes the following security issues: - CVE-2017-5225: Prevent heap buffer overflow in the tools/tiffcp that could have caused DoS or code execution via a crafted BitsPerSample value - CVE-2018-7456: Prevent a NULL Pointer dereference in the function TIFFPrintDirectory when usin ... oval:org.secpod.oval:def:2101457 Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted GIF file. oval:org.secpod.oval:def:89002081 This update for tiff to version 4.0.9 fixes the following issues: Security issues fixed: - CVE-2014-8128: Fix out-of-bounds read with malformed TIFF image in multiple tools . - CVE-2015-7554: Fix invalid write in tiffsplit / _TIFFVGetField . - CVE-2016-10095: Fix stack-based buffer overflow in _TIFF ... |
