Download
| Alert*
|
oval:org.secpod.oval:def:89002275
This update for tiff fixes the following issues: These security issues were fixed: - CVE-2017-18013: There was a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash. - CVE-2018-10963: The TIFFWriteDirectorySec function in tif_dirwrite.c allow ... oval:org.secpod.oval:def:51731 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:1800621 CVE-2015-7554: invalid write. The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows attackers to cause a denial of service or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image. oval:org.secpod.oval:def:703489 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:1800339 CVE-2015-7554: invalid write The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows attackers to cause a denial of service or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image. oval:org.secpod.oval:def:1600435 Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an application linked against libtiff into processing specially crafted files. Multiple flaws have been discovered in va ... oval:org.secpod.oval:def:203982 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ... oval:org.secpod.oval:def:89043844 This update for tiff fixes the following security issues: - CVE-2017-5225: Prevent heap buffer overflow in the tools/tiffcp that could have caused DoS or code execution via a crafted BitsPerSample value - CVE-2018-7456: Prevent a NULL Pointer dereference in the function TIFFPrintDirectory when usin ... oval:org.secpod.oval:def:1800122 CVE-2016-9273: heap-buffer-overflow in cpStrips. Reference: CVE-2016-9297: segfault in _TIFFPrintField. Reference: CVE-2016-9448: Invalid read of size 1 in TIFFFetchNormalTag. Fix for CVE-2016-9297 introduced this issue. oval:org.secpod.oval:def:1501540 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ... oval:org.secpod.oval:def:2101457 Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted GIF file. oval:org.secpod.oval:def:501854 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ... oval:org.secpod.oval:def:1501543 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ... oval:org.secpod.oval:def:203978 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ... oval:org.secpod.oval:def:501858 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ... |
