Filtered by vendor Libtiff
Subscriptions
Total
255 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-4231 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-04-11 | N/A |
| Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) extension block in a GIF image or (2) GIF raster image to tools/gif2tiff.c or (3) a long filename for a TIFF image to tools/rgb2ycbcr.c. NOTE: vectors 1 and 3 are disputed by Red Hat, which states that the input cannot exceed the allocated buffer size. | ||||
| CVE-2013-4232 | 3 Debian, Libtiff, Redhat | 3 Debian Linux, Libtiff, Enterprise Linux | 2025-04-11 | N/A |
| Use-after-free vulnerability in the t2p_readwrite_pdf_image function in tools/tiff2pdf.c in libtiff 4.0.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted TIFF image. | ||||
| CVE-2009-2347 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-04-09 | N/A |
| Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large (1) width and (2) height values, which triggers a heap-based buffer overflow in the (a) cvt_whole_image function in tiff2rgba and (b) tiffcvt function in rgb2ycbcr. | ||||
| CVE-2009-2285 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-04-09 | N/A |
| Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327. | ||||
| CVE-2008-2327 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-04-09 | N/A |
| Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code. | ||||
| CVE-2022-4645 | 3 Fedoraproject, Libtiff, Redhat | 3 Fedora, Libtiff, Enterprise Linux | 2025-04-04 | 6.8 Medium |
| LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125. | ||||
| CVE-2022-48281 | 3 Debian, Libtiff, Redhat | 3 Debian Linux, Libtiff, Enterprise Linux | 2025-04-03 | 5.5 Medium |
| processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image. | ||||
| CVE-2004-0929 | 2 Libtiff, Suse | 2 Libtiff, Suse Linux | 2025-04-03 | N/A |
| Heap-based buffer overflow in the OJPEGVSetField function in tif_ojpeg.c for libtiff 3.6.1 and earlier, when compiled with the OJPEG_SUPPORT (old JPEG support) option, allows remote attackers to execute arbitrary code via a malformed TIFF image. | ||||
| CVE-2006-2024 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-04-03 | N/A |
| Multiple vulnerabilities in libtiff before 3.8.1 allow context-dependent attackers to cause a denial of service via a TIFF image that triggers errors in (1) the TIFFFetchAnyArray function in (a) tif_dirread.c; (2) certain "codec cleanup methods" in (b) tif_lzw.c, (c) tif_pixarlog.c, and (d) tif_zip.c; (3) and improper restoration of setfield and getfield methods in cleanup functions within (e) tif_jpeg.c, tif_pixarlog.c, (f) tif_fax3.c, and tif_zip.c. | ||||
| CVE-2006-3460 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-04-03 | N/A |
| Heap-based buffer overflow in the JPEG decoder in the TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an encoded JPEG stream that is longer than the scan line size (TiffScanLineSize). | ||||
| CVE-2006-2026 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-04-03 | N/A |
| Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers errors related to "setfield/getfield methods in cleanup functions." | ||||
| CVE-2006-2656 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-04-03 | N/A |
| Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and earlier might might allow attackers to execute arbitrary code via a long filename. NOTE: tiffsplit is not setuid. If there is not a common scenario under which tiffsplit is called with attacker-controlled command line arguments, then perhaps this issue should not be included in CVE. | ||||
| CVE-2006-2193 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-04-03 | N/A |
| Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TIFF file with a DocumentName tag that contains UTF-8 characters, which triggers the overflow when a character is sign extended to an integer that produces more digits than expected in an sprintf call. | ||||
| CVE-2006-2120 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-04-03 | N/A |
| The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers to cause a denial of service (crash) via a crafted TIFF image with Yr/Yg/Yb values that exceed the YCR/YCG/YCB values, which triggers an out-of-bounds read. | ||||
| CVE-2004-0804 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-04-03 | N/A |
| Vulnerability in tif_dirread.c for libtiff allows remote attackers to cause a denial of service (application crash) via a TIFF image that causes a divide-by-zero error when the number of row bytes is zero, a different vulnerability than CVE-2005-2452. | ||||
| CVE-2004-0803 | 9 Apple, Kde, Libtiff and 6 more | 13 Mac Os X, Mac Os X Server, Kde and 10 more | 2025-04-03 | N/A |
| Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files. | ||||
| CVE-2004-1183 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-04-03 | N/A |
| Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF file. | ||||
| CVE-2004-0886 | 9 Apple, Kde, Libtiff and 6 more | 13 Mac Os X, Mac Os X Server, Kde and 10 more | 2025-04-03 | N/A |
| Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls. | ||||
| CVE-2006-2025 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-04-03 | N/A |
| Integer overflow in the TIFFFetchData function in tif_dirread.c for libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted TIFF image. | ||||
| CVE-2006-0405 | 1 Libtiff | 1 Libtiff | 2025-04-03 | N/A |
| The TIFFFetchShortPair function in tif_dirread.c in libtiff 3.8.0 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers a NULL pointer dereference, possibly due to changes in type declarations and/or the TIFFVSetField function. | ||||