- Home
- CVEs with nessus.description==CVE-2015-8683
The putcontig8bitCIELab function in tif_getimage.c in LibTIFF 4.0.6
allows remote attackers to cause a denial of service (out-of-bounds
read) via a packed TIFF image.
CVE-2015-8665 tif_getimage.c in LibTIFF 4.0.6 allows remote attackers
to cause a denial of service (out-of-bounds read) via the
SamplesPerPixel tag in a TIFF image.
CVE-2014-8129 LibTIFF 4.0.3 allows remote attackers to cause a denial
of service (out-of-bounds write) or possibly have unspecified other
impact via a crafted TIFF image, as demonstrated by failure of
tif_next.c to verify that the BitsPerSample value is 2, and the
t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c.
CVE-2014-8130 The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3
does not reject a zero size, which allows remote attackers to cause a
denial of service (divide-by-zero error and application crash) via a
crafted TIFF image that is mishandled by the TIFFWriteScanline
function in tif_write.c, as demonstrated by tiffdither.
CVE-2014-8127 LibTIFF 4.0.3 allows remote attackers to cause a denial
of service (out-of-bounds read and crash) via a crafted TIFF image to
the (1) checkInkNamesString function in tif_dir.c in the thumbnail
tool, (2) compresscontig function in tiff2bw.c in the tiff2bw tool,
(3) putcontig8bitCIELab function in tif_getimage.c in the tiff2rgba
tool, LZWPreDecode function in tif_lzw.c in the (4) tiff2ps or (5)
tiffdither tool, (6) NeXTDecode function in tif_next.c in the
tiffmedian tool, or (7) TIFFWriteDirectoryTagLongLong8Array function
in tif_dirwrite.c in the tiffset tool.
CVE-2014-9655 The (1) putcontig8bitYCbCr21tile function in
tif_getimage.c or (2) NeXTDecode function in tif_next.c in LibTIFF
allows remote attackers to cause a denial of service (uninitialized
memory access) via a crafted TIFF image, as demonstrated by
libtiff-cvs-1.tif and libtiff-cvs-2.tif.
CVE-2015-8781 tif_luv.c in libtiff allows attackers to cause a denial
of service (out-of-bounds write) via an invalid number of samples per
pixel in a LogL compressed TIFF image, a different vulnerability than
CVE-2015-8782.
CVE-2015-8782 tif_luv.c in libtiff allows attackers to cause a denial
of service (out-of-bounds writes) via a crafted TIFF image, a
different vulnerability than CVE-2015-8781.
CVE-2015-8783 tif_luv.c in libtiff allows attackers to cause a denial
of service (out-of-bounds reads) via a crafted TIFF image.
Impact
An attacker can use specially crafted TIFF files to execute arbitrary
code with the limited privileges of the image optimization process.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top