Download
| Alert*
|
oval:org.secpod.oval:def:39714
The host is installed with Apple Mac OS X or Server 10.12.3 and is prone to a cpStripToTile heap-buffer-overflow vulnerability. A flaw is present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:2101323 tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. Reported as MSVR 35103, aka "cpStripToTile heap-buffer-overflow." oval:org.secpod.oval:def:39718 The host is missing a security update according to Apple advisory, APPLE-SA-2017-03-27-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:204091 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ... oval:org.secpod.oval:def:602743 Multiple vulnerabilities have been discovered in the libtiff library and the included tools tiff2rgba, rgb2ycbcr, tiffcp, tiffcrop, tiff2pdf and tiffsplit, which may result in denial of service, memory disclosure or the execution of arbitrary code. There were additional vulnerabilities in the tools ... oval:org.secpod.oval:def:1600515 Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an application linked against libtiff into processing specially crafted files. Multiple flaws have been discovered in va ... oval:org.secpod.oval:def:204092 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ... oval:org.secpod.oval:def:89043844 This update for tiff fixes the following security issues: - CVE-2017-5225: Prevent heap buffer overflow in the tools/tiffcp that could have caused DoS or code execution via a crafted BitsPerSample value - CVE-2018-7456: Prevent a NULL Pointer dereference in the function TIFFPrintDirectory when usin ... oval:org.secpod.oval:def:51731 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:501973 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ... oval:org.secpod.oval:def:1501752 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501753 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:703489 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. |
