Download
| Alert*
oval:org.secpod.oval:def:1800069
tiff is installed oval:org.secpod.oval:def:1800291 CVE-2017-7592: Left shift of unsigned char without a cast. The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted image. oval:org.secpod.oval:def:1800891 CVE-2017-7592: Left shift of unsigned char without a cast; The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted image. oval:org.secpod.oval:def:1801262 CVE-2018-12900: Heap-based buffer overflow in the cpSeparateBufToContigBuf function resulting in a denial of service¶ Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service or possibly have unspecifi ... oval:org.secpod.oval:def:1801264 CVE-2018-12900: Heap-based buffer overflow in the cpSeparateBufToContigBuf function resulting in a denial of service¶ Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service or possibly have unspecifi ... oval:org.secpod.oval:def:1801265 CVE-2018-12900: Heap-based buffer overflow in the cpSeparateBufToContigBuf function resulting in a denial of service¶ Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service or possibly have unspecifi ... oval:org.secpod.oval:def:1800904 In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash. oval:org.secpod.oval:def:1800712 In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash. oval:org.secpod.oval:def:1800068 CVE-2017-9936: In LibTIFF 4.0.8, there is a memory leak in tif_jbig.c. A crafted TIFF document can lead to a memory leak resulting in a remote denial of service attack. Reference:¶ Patch:¶ CVE-2017-10688: In LibTIFF 4.0.8, there is a assertion abort in the TIFFWriteDirectoryTagCheckedLong8 ... oval:org.secpod.oval:def:1800700 CVE-2017-9147: LibTIFF 4.0.7 has an invalid read in the _TIFFVGetField function in tif_dir.c, which might allow remote attackers to cause a denial of service via a crafted TIFF file. Reference: Patch: CVE-2017-9403: In LibTIFF 4.0.7, a memory leak vulnerability was found in the function TIFFReadDir ... oval:org.secpod.oval:def:1800567 In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash. oval:org.secpod.oval:def:1800570 In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash. oval:org.secpod.oval:def:1800670 CVE-2017-9147: LibTIFF 4.0.7 has an invalid read in the _TIFFVGetField function in tif_dir.c, which might allow remote attackers to cause a denial of service via a crafted TIFF file. CVE-2017-9403: In LibTIFF 4.0.7, a memory leak vulnerability was found in the function TIFFReadDirEntryLong8Array i ... oval:org.secpod.oval:def:1800379 CVE-2017-7592: Left shift of unsigned char without a cast The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted image. oval:org.secpod.oval:def:1800517 CVE-2017-9147: LibTIFF 4.0.7 has an invalid read in the _TIFFVGetField function in tif_dir.c, which might allow remote attackers to cause a denial of service via a crafted TIFF file. Reference Patch CVE-2017-9403: In LibTIFF 4.0.7, a memory leak vulnerability was found in the function TIFFReadDirEn ... oval:org.secpod.oval:def:1800682 LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value. oval:org.secpod.oval:def:1800765 CVE-2015-8665: Out-of-bounds read in tif_getimage.c tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service via the SamplesPerPixel tag in a TIFF image. Reference Patch CVE-2015-8683: out-of-bounds read in CIE Lab image format The putcontig8bitCIELab function in tif_get ... oval:org.secpod.oval:def:1800206 CVE-2015-8665: Out-of-bounds read in tif_getimage.c. tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service via the SamplesPerPixel tag in a TIFF image. CVE-2015-8683: out-of-bounds read in CIE Lab image format. The putcontig8bitCIELab function in tif_getimage.c in Li ... oval:org.secpod.oval:def:1800603 LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value. oval:org.secpod.oval:def:1800629 LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value. oval:org.secpod.oval:def:1800184 LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service , as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c oval:org.secpod.oval:def:1800547 LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service , as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c oval:org.secpod.oval:def:1800768 LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service , as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c oval:org.secpod.oval:def:1800872 LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service , as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c oval:org.secpod.oval:def:1800959 In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the TIFFSetDirectory function of tif_dir.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file. This occurs because the declared number of directory entries is not validated against ... oval:org.secpod.oval:def:1800122 CVE-2016-9273: heap-buffer-overflow in cpStrips. Reference: CVE-2016-9297: segfault in _TIFFPrintField. Reference: CVE-2016-9448: Invalid read of size 1 in TIFFFetchNormalTag. Fix for CVE-2016-9297 introduced this issue. oval:org.secpod.oval:def:1800621 CVE-2015-7554: invalid write. The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows attackers to cause a denial of service or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image. oval:org.secpod.oval:def:1801104 CVE-2017-9935: In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can lead to an out-of-bounds read in TIFFCleanup, an invalid free in TIFFClose or t2p_fre ... oval:org.secpod.oval:def:1801105 CVE-2017-9935: In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can lead to an out-of-bounds read in TIFFCleanup, an invalid free in TIFFClose or t2p_fre ... oval:org.secpod.oval:def:1801106 CVE-2017-9935: In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can lead to an out-of-bounds read in TIFFCleanup, an invalid free in TIFFClose or t2p_fre ... oval:org.secpod.oval:def:1801107 CVE-2017-9935: In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can lead to an out-of-bounds read in TIFFCleanup, an invalid free in TIFFClose or t2p_fre ... oval:org.secpod.oval:def:1800339 CVE-2015-7554: invalid write The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows attackers to cause a denial of service or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image. oval:org.secpod.oval:def:1800956 In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the TIFFSetDirectory function of tif_dir.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file. This occurs because the declared number of directory entries is not validated against ... oval:org.secpod.oval:def:1800957 In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the TIFFSetDirectory function of tif_dir.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file. This occurs because the declared number of directory entries is not validated against ... |