Download
| Alert*
|
oval:org.secpod.oval:def:63515
Several vulnerabilities have been found in the libtiff5-dev library, which may result in denial of service or the execution of arbitrary code if malformed image files are processed. oval:org.secpod.oval:def:89003263 This update for tiff fixes the following issues: Security issues fixed: - CVE-2019-14973: Fixed an improper check which was depended on the compiler which could have led to integer overflow . - CVE-2016-5102: Fixed a buffer overflow in readgifimage - CVE-2018-17000: Fixed a NULL pointer dereference ... oval:org.secpod.oval:def:1900077 A NULL pointer dereference in the function _libtiff-tools memcmp at tif_unix.c in Liblibtiff-tools 4.0.9 allows an attacker to cause a denial-of-service through a crafted libtiff-tools file. This vulnerability can be triggered by the executable libtiff-tool scp. oval:org.secpod.oval:def:604827 Several vulnerabilities have been found in the libtiff5-dev library, which may result in denial of service or the execution of arbitrary code if malformed image files are processed. oval:org.secpod.oval:def:53014 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:704820 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. |
