| Max CVSS | 6.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-9935 | 6.8 |
In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can lead to an out-of-bounds read in TIFFCleanup, an i
|
03-10-2019 - 00:03 | 26-06-2017 - 12:29 | |
| CVE-2017-13727 | 4.3 |
There is a reachable assertion abort in the function TIFFWriteDirectoryTagSubifd() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack.
|
03-10-2019 - 00:03 | 29-08-2017 - 06:29 | |
| CVE-2017-13726 | 4.3 |
There is a reachable assertion abort in the function TIFFWriteDirectorySec() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack.
|
03-10-2019 - 00:03 | 29-08-2017 - 06:29 | |
| CVE-2017-12944 | 5.0 |
The TIFFReadDirEntryArray function in tif_read.c in LibTIFF 4.0.8 mishandles memory allocation for short files, which allows remote attackers to cause a denial of service (allocation failure and application crash) in the TIFFFetchStripThing function
|
03-10-2019 - 00:03 | 18-08-2017 - 15:29 | |
| CVE-2017-18013 | 4.3 |
In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash.
|
28-03-2018 - 01:29 | 01-01-2018 - 08:29 | |
| CVE-2017-11335 | 6.8 |
There is a heap based buffer overflow in tools/tiff2pdf.c of LibTIFF 4.0.8 via a PlanarConfig=Contig image, which causes a more than one hundred bytes out-of-bounds write (related to the ZIPDecode function in tif_zip.c). A crafted input may lead to a
|
22-03-2018 - 01:29 | 17-07-2017 - 13:18 |