Download
| Alert*
oval:org.secpod.oval:def:503401
The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * libtiff: Heap-based buffer overflow in the cpSeparateBufToContigBuf function resulting in a denial of service or possibly code execution For more details about the security issue, i ... oval:org.secpod.oval:def:201560 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. A heap-based buffer overflow flaw was found in the way libtiff processed certain TIFF Internet Fax image files, compressed with the CCITT Group 4 compression algorithm. An attacker could use this fl ... oval:org.secpod.oval:def:201492 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. A heap-based buffer overflow flaw was found in the way libtiff processed certain TIFF Internet Fax image files, compressed with the CCITT Group 4 compression algorithm. An attacker could use this fl ... oval:org.secpod.oval:def:202090 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Several integer overflow flaws, leading to heap-based buffer overflows, were found in various libtiff color space conversion tools. An attacker could create a specially-crafted TIFF file, which once ... oval:org.secpod.oval:def:89002038 This update for tiff fixes the following issues: Security issues fixed: - CVE-2018-12900: Fixed heap-based buffer overflow in the cpSeparateBufToContigBuf . - CVE-2018-18661: Fixed NULL pointer dereference in the function LZWDecode in the file tif_lzw.c . - CVE-2018-18557: Fixed JBIG decode can lead ... oval:org.secpod.oval:def:89002304 This update for tiff fixes the following issues: Security issues fixed: - CVE-2018-12900: Fixed heap-based buffer overflow in the cpSeparateBufToContigBuf . - CVE-2018-18661: Fixed NULL pointer dereference in the function LZWDecode in the file tif_lzw.c . - CVE-2018-18557: Fixed JBIG decode can lead ... oval:org.secpod.oval:def:203044 libtiff is installed oval:org.secpod.oval:def:202180 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Several integer overflow flaws, leading to heap-based buffer overflows, were found in various libtiff color space conversion tools. An attacker could create a specially-crafted TIFF file, which once ... oval:org.secpod.oval:def:66466 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * libtiff: Heap-based buffer overflow in the cpSeparateBufToContigBuf function resulting in a denial of service or possibly code execution For more details about the security issue, i ... oval:org.secpod.oval:def:504743 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * libtiff: integer overflow leading to heap-based buffer overflow in tif_getimage.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and ... oval:org.secpod.oval:def:67985 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * libtiff: integer overflow leading to heap-based buffer overflow in tif_getimage.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and ... oval:org.secpod.oval:def:1601296 A heap-based buffer overflow flaw was found in the way libtiff processed certain TIFF images using the Pixar Log Format encoding. An attacker could create a specially-crafted TIFF file that, when opened, could cause an application using libtiff to crash or, possibly, execute arbitrary code with the ... oval:org.secpod.oval:def:202504 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. A heap-based buffer overflow flaw was found in the way libtiff processed certain TIFF images using the Pixar Log Format encoding. An attacker could create a specially-crafted TIFF file that, when op ... oval:org.secpod.oval:def:202311 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Two integer overflow flaws, leading to heap-based buffer overflows, were found in the way libtiff attempted to allocate space for a tile in a TIFF image file. An attacker could use these flaws to cr ... oval:org.secpod.oval:def:1601367 Two integer overflow flaws, leading to heap-based buffer overflows, were found in the way libtiff attempted to allocate space for a tile in a TIFF image file. An attacker could use these flaws to create a specially-crafted TIFF file that, when opened, would cause an application linked against libtif ... oval:org.secpod.oval:def:500343 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Multiple integer overflow flaws, leading to a buffer overflow, were discovered in libtiff. An attacker could use these flaws to create a specially-crafted TIFF file that, when opened, would cause an ... oval:org.secpod.oval:def:500163 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. A heap-based buffer overflow flaw was found in the way libtiff processed certain TIFF image files that were compressed with the JPEG compression algorithm. An attacker could use this flaw to create ... oval:org.secpod.oval:def:201691 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Multiple integer overflow flaws, leading to a buffer overflow, were discovered in libtiff. An attacker could use these flaws to create a specially-crafted TIFF file that, when opened, would cause an ... oval:org.secpod.oval:def:1503295 Updated libtiff packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available ... oval:org.secpod.oval:def:201872 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Multiple integer overflow flaws, leading to a buffer overflow, were discovered in libtiff. An attacker could use these flaws to create a specially-crafted TIFF file that, when opened, would cause an ... oval:org.secpod.oval:def:201581 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. A heap-based buffer overflow flaw was found in the way libtiff processed certain TIFF files encoded with a 4-bit run-length encoding scheme from ThunderScan. An attacker could use this flaw to creat ... oval:org.secpod.oval:def:200553 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. A heap-based buffer overflow flaw was found in the way libtiff processed certain TIFF files encoded with a 4-bit run-length encoding scheme from ThunderScan. An attacker could use this flaw to creat ... oval:org.secpod.oval:def:507470 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * LibTiff: DoS from Divide By Zero Error * libtiff: Double free or corruption in rotateImage function at tiffcrop.c * libtiff: tiffcrop: heap-buffer-overflow in extractImageSection i ... oval:org.secpod.oval:def:19500002 There is a double free or corruption in rotateImage at tiffcrop.c:8839 found in libtiff 4.4.0rc1. A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage at tiffcrop.c:8621 that can cause program crash when reading a crafted input. It was found in libtiff 4.4.0rc1 th ... oval:org.secpod.oval:def:202316 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Two integer overflow flaws, leading to heap-based buffer overflows, were found in the way libtiff attempted to allocate space for a tile in a TIFF image file. An attacker could use these flaws to cr ... oval:org.secpod.oval:def:202502 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. A heap-based buffer overflow flaw was found in the way libtiff processed certain TIFF images using the Pixar Log Format encoding. An attacker could create a specially-crafted TIFF file that, when op ... oval:org.secpod.oval:def:1505690 [4.0.9-21] - Fix CVE-2020-19131 oval:org.secpod.oval:def:1506350 [4.0.9-26] - Fix various CVEs - Resolves: CVE-2022-2519 CVE-2022-2520 CVE-2022-2521 CVE-2022-2953 [4.0.9-25] - Fix CVE-2022-2867 - Fix CVE-2022-2868 - Fix CVE-2022-2869 [4.0.9-24] - Fix CVE-2022-2056 CVE-2022-2057 CVE-2022-2058 - Resolves: #2103222 oval:org.secpod.oval:def:1506369 [4.4.0-5] - Bump release - Resolves: CVE-2022-2953 [4.4.0-4] - Resolves: CVE-2022-2519 CVE-2022-2520 CVE-2022-2521 [4.4.0-3] - Fix CVE-2022-2056 CVE-2022-2057 CVE-2022-2058 - Resolves: #2106768 oval:org.secpod.oval:def:121710 The libtiff package contains a library of functions for manipulating TIFF image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF f ... oval:org.secpod.oval:def:119735 The libtiff package contains a library of functions for manipulating TIFF image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF f ... oval:org.secpod.oval:def:4501483 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * libtiff: out-of-bounds write in extractContigSamplesShifted16bits in tools/tiffcrop.c * libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c when called by functions in ... oval:org.secpod.oval:def:500650 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Several integer overflow flaws, leading to heap-based buffer overflows, were found in various libtiff color space conversion tools. An attacker could create a specially-crafted TIFF file, which once ... oval:org.secpod.oval:def:5800025 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * LibTiff: DoS from Divide By Zero Error * libtiff: Double free or corruption in rotateImage function at tiffcrop.c * libtiff: tiffcrop: heap-buffer-overflow in extractImageSection i ... oval:org.secpod.oval:def:2600133 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. oval:org.secpod.oval:def:2500913 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. oval:org.secpod.oval:def:4501182 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * LibTiff: DoS from Divide By Zero Error * libtiff: Double free or corruption in rotateImage function at tiffcrop.c * libtiff: uint32_t underflow leads to out of bounds read and writ ... oval:org.secpod.oval:def:500127 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. A heap-based buffer overflow flaw was found in the way libtiff processed certain TIFF files encoded with a 4-bit run-length encoding scheme from ThunderScan. An attacker could use this flaw to creat ... oval:org.secpod.oval:def:1503494 Updated libtiff packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severit ... oval:org.secpod.oval:def:105813 The libtiff package contains a library of functions for manipulating TIFF image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF f ... oval:org.secpod.oval:def:107035 The libtiff package contains a library of functions for manipulating TIFF image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF f ... oval:org.secpod.oval:def:1503719 Updated libtiff packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is av ... oval:org.secpod.oval:def:500061 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. A heap-based buffer overflow flaw was found in the way libtiff processed certain TIFF Internet Fax image files, compressed with the CCITT Group 4 compression algorithm. An attacker could use this fl ... oval:org.secpod.oval:def:1503902 Updated libtiff packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ... oval:org.secpod.oval:def:1600122 Use-after-free vulnerability in the t2p_readwrite_pdf_image function in tools/tiff2pdf.c in libtiff 4.0.3 allows remote attackers to cause a denial of service or possible execute arbitrary code via a crafted TIFF image. The LZW decompressor in the gif2tiff tool in libtiff 4.0.3 and earlier allows c ... oval:org.secpod.oval:def:203043 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. A heap-based buffer overflow and a use-after-free flaw were found in the tiff2pdf tool. An attacker could use these flaws to create a specially crafted TIFF file that would cause tiff2pdf to crash o ... oval:org.secpod.oval:def:203045 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. A heap-based buffer overflow and a use-after-free flaw were found in the tiff2pdf tool. An attacker could use these flaws to create a specially crafted TIFF file that would cause tiff2pdf to crash o ... oval:org.secpod.oval:def:105968 The libtiff package contains a library of functions for manipulating TIFF image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF f ... oval:org.secpod.oval:def:107092 The libtiff package contains a library of functions for manipulating TIFF image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF f ... oval:org.secpod.oval:def:500932 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. A heap-based buffer overflow flaw was found in the way libtiff processed certain TIFF images using the Pixar Log Format encoding. An attacker could create a specially-crafted TIFF file that, when op ... oval:org.secpod.oval:def:501192 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. A heap-based buffer overflow and a use-after-free flaw were found in the tiff2pdf tool. An attacker could use these flaws to create a specially crafted TIFF file that would cause tiff2pdf to crash o ... oval:org.secpod.oval:def:501194 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. A heap-based buffer overflow and a use-after-free flaw were found in the tiff2pdf tool. An attacker could use these flaws to create a specially crafted TIFF file that would cause tiff2pdf to crash o ... oval:org.secpod.oval:def:1600134 A heap-based buffer overflow and a use-after-free flaw were found in the tiff2pdf tool. An attacker could use these flaws to create a specially crafted TIFF file that would cause tiff2pdf to crash or, possibly, execute arbitrary code. Multiple buffer overflow flaws were found in the gif2tiff tool. A ... oval:org.secpod.oval:def:500781 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Two integer overflow flaws, leading to heap-based buffer overflows, were found in the way libtiff attempted to allocate space for a tile in a TIFF image file. An attacker could use these flaws to cr ... oval:org.secpod.oval:def:1500392 Updated libtiff packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availa ... oval:org.secpod.oval:def:1503382 Updated libtiff packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is ... oval:org.secpod.oval:def:1500391 Updated libtiff packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availa ... oval:org.secpod.oval:def:114636 The libtiff package contains a library of functions for manipulating TIFF image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF f ... oval:org.secpod.oval:def:112257 The libtiff package contains a library of functions for manipulating TIFF image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF f ... oval:org.secpod.oval:def:115966 The libtiff package contains a library of functions for manipulating TIFF image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF f ... oval:org.secpod.oval:def:115907 The libtiff package contains a library of functions for manipulating TIFF image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF f ... oval:org.secpod.oval:def:114606 The libtiff package contains a library of functions for manipulating TIFF image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF f ... oval:org.secpod.oval:def:115526 The libtiff package contains a library of functions for manipulating TIFF image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF f ... oval:org.secpod.oval:def:115525 The libtiff package contains a library of functions for manipulating TIFF image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF f ... oval:org.secpod.oval:def:205632 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * libtiff: integer overflow in _TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c * libtiff: integer overflow leading to heap-based buffer overflow in tif_getimage.c For more detail ... oval:org.secpod.oval:def:59595 tiff: Tag Image File Format library Several security issues were fixed in LibTIFF. oval:org.secpod.oval:def:2500145 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. oval:org.secpod.oval:def:2500373 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. oval:org.secpod.oval:def:1505255 [4.0.9-20] - Rebuild for fixed binutils [4.0.9-19] - Fix CVE-2020-35521 - Fix CVE-2020-35522 - Fix CVE-2020-35523 - Fix CVE-2020-35524 oval:org.secpod.oval:def:4501225 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * libtiff: Integer overflow in tif_getimage.c * libtiff: Heap-based buffer overflow in TIFF2PDF tool * libtiff: Memory allocation failure in tiff2rgba * libtiff: Memory allocation f ... oval:org.secpod.oval:def:87162 [4.4.0-2] - Update to version 4.4.0 - Resolves: CVE-2022-0561 CVE-2022-0562 CVE-2022-22844 CVE-2022-0865 CVE-2022-0891 CVE-2022-0924 CVE-2022-0909 CVE-2022-0908 CVE-2022-1354 CVE-2022-1355 oval:org.secpod.oval:def:507369 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * libtiff: Denial of Service via crafted TIFF file * libtiff: Null source pointer lead to Denial of Service via crafted TIFF file * libtiff: reachable assertion * libtiff: Out-of-bo ... oval:org.secpod.oval:def:2500875 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. oval:org.secpod.oval:def:121816 The libtiff package contains a library of functions for manipulating TIFF image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF f ... oval:org.secpod.oval:def:1506187 [4.0.9-23] - Fix various CVEs - Resolves: CVE-2022-0561 CVE-2022-0562 CVE-2022-22844 CVE-2022-0865 CVE-2022-0891 CVE-2022-0924 CVE-2022-0909 CVE-2022-0908 CVE-2022-1355 oval:org.secpod.oval:def:507283 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * libtiff: Denial of Service via crafted TIFF file * libtiff: Null source pointer lead to Denial of Service via crafted TIFF file * libtiff: reachable assertion * libtiff: Out-of-bo ... oval:org.secpod.oval:def:19500186 A flaw was found in libtiff where a NULL source pointer passed as an argument to the memcpy function within the TIFFFetchStripThing in tif_dirread.c. This flaw allows an attacker with a crafted TIFF file to exploit this flaw, causing a crash and leading to a denial of service. A flaw was found in li ... oval:org.secpod.oval:def:1701091 A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service. A vulnerability ... oval:org.secpod.oval:def:52746 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:703038 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:89002568 This update for tiff fixes the following issues: Security issues fixed: - CVE-2018-10779: Fixed a heap-based buffer overflow in TIFFWriteScanline in tif_write.c - CVE-2017-17942: Fixed a heap-based buffer overflow in the function PackBitsEncode in tif_packbits.c. - CVE-2016-5319: Fixed a beap-base ... oval:org.secpod.oval:def:109163 The libtiff package contains a library of functions for manipulating TIFF image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF f ... oval:org.secpod.oval:def:89002275 This update for tiff fixes the following issues: These security issues were fixed: - CVE-2017-18013: There was a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash. - CVE-2018-10963: The TIFFWriteDirectorySec function in tif_dirwrite.c allow ... oval:org.secpod.oval:def:89002397 This update for tiff fixes the following issues: The following security vulnerabilities were addressed: - CVE-2015-8668: Fixed a heap-based buffer overflow in the PackBitsPreEncode function in tif_packbits.c in bmp2tiff, which allowed remote attackers to execute arbitrary code or cause a denial of s ... oval:org.secpod.oval:def:1200116 Use of uninitialized memory was reported in in libtiff. oval:org.secpod.oval:def:503297 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * libtiff: buffer overflow in gif2tiff * libtiff: Heap-based buffer overflow in the cpSeparateBufToContigBuf function resulting in a denial of service or possibly code execution * li ... oval:org.secpod.oval:def:115258 The libtiff package contains a library of functions for manipulating TIFF image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF f ... oval:org.secpod.oval:def:89002537 This update for tiff fixes the following issues: Security issues fixed: - CVE-2018-18661: Fixed NULL pointer dereference in the function LZWDecode in the file tif_lzw.c . - CVE-2018-12900: Fixed heap-based buffer overflow in the cpSeparateBufToContigBuf . - CVE-2017-9147: Fixed invalid read in the _ ... oval:org.secpod.oval:def:89002535 This update for tiff fixes the following issues: Security issues fixed: - CVE-2016-5315: The setByteArray function in tif_dir.c allowed remote attackers to cause a denial of service via a crafted tiff image. - CVE-2016-10267: LibTIFF allowed remote attackers to cause a denial of service via a cra ... oval:org.secpod.oval:def:24760 The host is installed with libtiff in RHEL 5, 6 or 7 and is prone to an out-of-bounds read vulnerability. A flaw is present in the application, which fails to properly handle crafted BMP image. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:1700894 Integer overflow in the writeBufferToSeparateStrips function in tiffcrop.c in LibTIFF before 4.0.7 allows remote attackers to cause a denial of service via a crafted tif file. A flaw was found in libtiff. Due to a memory allocation failure in tif_read.c, a crafted TIFF file can lead to an abort, re ... oval:org.secpod.oval:def:89002404 This update for tiff fixes the following issues: Security issues fixed: - CVE-2016-10094: Fixed heap-based buffer overflow in the _tiffWriteProc function . - CVE-2016-10093: Fixed heap-based buffer overflow in the _TIFFmemcpy function . - CVE-2016-10092: Fixed heap-based buffer overflow in the TIFFR ... oval:org.secpod.oval:def:115360 The libtiff package contains a library of functions for manipulating TIFF image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF f ... oval:org.secpod.oval:def:205337 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * libtiff: buffer overflow in gif2tiff * libtiff: Heap-based buffer overflow in the cpSeparateBufToContigBuf function resulting in a denial of service or possibly code execution * li ... oval:org.secpod.oval:def:24752 The host is installed with libtiff in RHEL 5, 6 or 7 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:602365 Several vulnerabilities have been found in tiff, a Tag Image File Format library. Multiple out-of-bounds read and write flaws could cause an application using the tiff library to crash. oval:org.secpod.oval:def:109149 The libtiff package contains a library of functions for manipulating TIFF image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF f ... oval:org.secpod.oval:def:1601067 Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service via a crafted GIF file.An integer overflow has been discovered in libtiff in TIFFSetupStrips:tif_write.c, which could lead to a heap-based buffer overflow in TIFFWriteSc ... oval:org.secpod.oval:def:89002068 This update for tiff fixes the following issues: Security issues fixed: - CVE-2018-19210: Fixed NULL pointer dereference in the TIFFWriteDirectorySec function . - CVE-2017-12944: Fixed denial of service issue in the TIFFReadDirEntryArray function . - CVE-2016-10094: Fixed heap-based buffer overflow ... oval:org.secpod.oval:def:1701643 The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service via a crafted tiff image. A divide-by-zero vulnerability was found in libtiff. This flaw allows an attacker to cause a denial of service via a crafted tiff file. loadImage in tools/tiffcrop.c in L ... oval:org.secpod.oval:def:19500308 libtiff 4.5.0 is vulnerable to Buffer Overflow in uv_encode when libtiff reads a corrupted little-endian TIFF file and specifies the output to be big-endian oval:org.secpod.oval:def:19500295 libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes at /libtiff/tools/tiffcrop.c:3215. libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesShifted8bits at /libtiff/tools/tiffcrop.c:3753 oval:org.secpod.oval:def:19500316 A NULL pointer dereference in TIFFClose is caused by a failure to open an output file while specifying zones oval:org.secpod.oval:def:19500313 loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image oval:org.secpod.oval:def:19500359 LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b71 ... oval:org.secpod.oval:def:19500405 An issue was discovered in function TIFFReadDirectory libtiff before 4.4.0 allows attackers to cause a denial of service via crafted TIFF file oval:org.secpod.oval:def:19500377 A NULL pointer dereference flaw was found in Libtiff's LZWDecode function in the libtiff/tif_lzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or deni ... oval:org.secpod.oval:def:1701583 LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/ ... oval:org.secpod.oval:def:1506785 [4.0.9-28] - Fix CVE-2022-48281 - Resolves: CVE-2022-48281 oval:org.secpod.oval:def:19500423 LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b. processCropSelections in tools/tiff ... oval:org.secpod.oval:def:1701823 libtiff 4.5.0 is vulnerable to Buffer Overflow via /libtiff/tools/tiffcrop.c:8499. Incorrect updating of buffer size after rotateImage in tiffcrop cause heap-buffer-overflow and SEGV. A vulnerability was found in libtiff library. This security flaw causes a heap buffer overflow issue via TIFFTAG_INK ... oval:org.secpod.oval:def:19500271 LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125. LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiff ... oval:org.secpod.oval:def:24749 The host is installed with libtiff on RHEL 5, 6 or 7 and is prone to an out-of-bounds read vulnerability. A flaw is present in the application, which fails to properly handle crafted tiff image. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:24750 The host is installed with libtiff on RHEL 5, 6 or 7 and is prone to an out-of-bounds read vulnerability. A flaw is present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:24753 The host is installed with libtiff in RHEL 5, 6 or 7 and is prone to a divide by zero vulnerability. A flaw is present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:1601364 libtiff did not properly convert between signed and unsigned integer values, leading to a buffer overflow. An attacker could use this flaw to create a specially-crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code. Multi ... oval:org.secpod.oval:def:202382 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. libtiff did not properly convert between signed and unsigned integer values, leading to a buffer overflow. An attacker could use this flaw to create a specially-crafted TIFF file that, when opened, ... oval:org.secpod.oval:def:500842 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. libtiff did not properly convert between signed and unsigned integer values, leading to a buffer overflow. An attacker could use this flaw to create a specially-crafted TIFF file that, when opened, ... oval:org.secpod.oval:def:1503729 Updated libtiff packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ... oval:org.secpod.oval:def:202367 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. libtiff did not properly convert between signed and unsigned integer values, leading to a buffer overflow. An attacker could use this flaw to create a specially-crafted TIFF file that, when opened, ... oval:org.secpod.oval:def:19500511 An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen API may allow a remote attacker to cause a denial of service via a craft input with size smaller than 379 KB oval:org.secpod.oval:def:1701972 An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen API may allow a remote attacker to cause a denial of service via a craft input with size smaller than 379 KB oval:org.secpod.oval:def:1506671 [4.4.0-7] - Fix CVE-2022-3970 - Resolves: CVE-2022-3970 [4.4.0-6] - Fix CVE-2022-3597 CVE-2022-3626 CVE-2022-3599 CVE-2022-3570 CVE-2022-3598 CVE-2022-3627 - Resolves: CVE-2022-3597 CVE-2022-3626 CVE-2022-3599 CVE-2022-3570 CVE-2022-3598 CVE-2022-3627 oval:org.secpod.oval:def:507649 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * libtiff: heap Buffer overflows in tiffcrop.c * libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix * libtiff: out-of-bounds write in extractContigSamplesShifted24bits i ... oval:org.secpod.oval:def:1701859 There exists one heap buffer overflow in _TIFFmemcpy in tif_unix.c in libtiff 4.0.10, which allows an attacker to cause a denial-of-service through a crafted tiff file. A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger un ... oval:org.secpod.oval:def:507757 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c * libtiff: integer overflow in function TIFFReadRGBATileExt of the file For more details about the security issue, ... oval:org.secpod.oval:def:1506744 [4.0.9-27] - Fix various CVEs - Resolves: CVE-2022-3627 CVE-2022-3970 oval:org.secpod.oval:def:2600391 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. oval:org.secpod.oval:def:19500315 Memory leak in memory leak in tiffcrop.c oval:org.secpod.oval:def:19500347 A flaw was found in libtiff. A specially crafted tiff file can lead to a segmentation fault due to a buffer overflow in the Fax3Encode function in libtiff/tif_fax3.c, resulting in a denial of service oval:org.secpod.oval:def:2600273 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. oval:org.secpod.oval:def:1506616 [4.4.0-8] - Fix CVE-2023-0800 CVE-2023-0801 CVE-2023-0802 CVE-2023-0803 CVE-2023-0804 CVE-2023-0795 CVE-2023-0796 CVE-2023-0797 CVE-2023-0798 CVE-2023-0799 CVE-2022-48281 - Resolves: CVE-2023-0800 CVE-2023-0801 CVE-2023-0802 CVE-2023-0803 CVE-2023-0804 CVE-2023-0795 CVE-2023-0796 CVE-2023-0797 CVE-2 ... oval:org.secpod.oval:def:24751 The host is installed with libtiff on RHEL 5, 6 or 7 and is prone to multiple out-of-bounds read vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:114641 The libtiff package contains a library of functions for manipulating TIFF image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF f ... oval:org.secpod.oval:def:89002206 This update for tiff fixes the following issues: - CVE-2018-17100: There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service or possibly have unspecified other impact via a crafted image file. - CVE-2018-17101: There are two out-of-bounds writes in cpTags in ... oval:org.secpod.oval:def:89002449 This update for tiff fixes the following issues: - CVE-2016-9453: The t2p_readwrite_pdf_image_tile function allowed remote attackers to cause a denial of service or possibly execute arbitrary code via a JPEG file with a TIFFTAG_JPEGTABLES of length one . - CVE-2016-5652: An exploitable heap-based b ... oval:org.secpod.oval:def:1600435 Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an application linked against libtiff into processing specially crafted files. Multiple flaws have been discovered in va ... oval:org.secpod.oval:def:1501540 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ... oval:org.secpod.oval:def:1501543 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ... oval:org.secpod.oval:def:89002317 This update for tiff fixes the following issues: - CVE-2017-9935: There was a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can lead to an out-of-bounds read in TIFFCleanup, an in ... oval:org.secpod.oval:def:114303 The libtiff package contains a library of functions for manipulating TIFF image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF f ... oval:org.secpod.oval:def:203982 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ... oval:org.secpod.oval:def:112238 The libtiff package contains a library of functions for manipulating TIFF image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF f ... oval:org.secpod.oval:def:203978 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ... oval:org.secpod.oval:def:703489 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:204091 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ... oval:org.secpod.oval:def:114208 The libtiff package contains a library of functions for manipulating TIFF image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF f ... oval:org.secpod.oval:def:204092 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ... oval:org.secpod.oval:def:51731 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:115529 The libtiff package contains a library of functions for manipulating TIFF image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF f ... oval:org.secpod.oval:def:1600515 Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an application linked against libtiff into processing specially crafted files. Multiple flaws have been discovered in va ... oval:org.secpod.oval:def:501973 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ... oval:org.secpod.oval:def:501854 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ... oval:org.secpod.oval:def:501858 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ... oval:org.secpod.oval:def:89002359 This update for tiff fixes the following issues: - CVE-2018-17100: There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service or possibly have unspecified other impact via a crafted image file. - CVE-2018-17101: There are two out-of-bounds writes in cpTags in ... oval:org.secpod.oval:def:1501752 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501753 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:114609 The libtiff package contains a library of functions for manipulating TIFF image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF f ... |