Download
| Alert*
|
oval:org.secpod.oval:def:51731
tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:1800122 CVE-2016-9273: heap-buffer-overflow in cpStrips. Reference: CVE-2016-9297: segfault in _TIFFPrintField. Reference: CVE-2016-9448: Invalid read of size 1 in TIFFFetchNormalTag. Fix for CVE-2016-9297 introduced this issue. oval:org.secpod.oval:def:2101457 Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted GIF file. oval:org.secpod.oval:def:602743 Multiple vulnerabilities have been discovered in the libtiff library and the included tools tiff2rgba, rgb2ycbcr, tiffcp, tiffcrop, tiff2pdf and tiffsplit, which may result in denial of service, memory disclosure or the execution of arbitrary code. There were additional vulnerabilities in the tools ... oval:org.secpod.oval:def:89045127 The tiff library and tools were updated to version 4.0.7 fixing various bug and security issues. - CVE-2014-8127: out-of-bounds read with malformed TIFF image in multiple tools [bnc#914890] - CVE-2016-9297: tif_dirread.c read outside buffer in _TIFFPrintField [bnc#1010161] - CVE-2016-3658: Illegal r ... oval:org.secpod.oval:def:89045358 This update for tiff fixes the following issues: - CVE-2016-3622: Specially crafted TIFF images could trigger a crash in tiff2rgba - Various out-of-bound write vulnerabilities with unspecified impact - CVE-2016-5314: Specially crafted TIFF images could trigger a crash that could result in DoS - C ... oval:org.secpod.oval:def:703489 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. |
