Shodan
Vulnerabilities
Vulnerable Software
Libtiff:  >> Libtiff  >> 4.0.3  Security Vulnerabilities
CVE-2015-8783
tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds reads) via a crafted TIFF image.
CVSS Score
6.5
EPSS Score
0.007
Published
2016-02-01
CVE-2015-8782
tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds writes) via a crafted TIFF image, a different vulnerability than CVE-2015-8781.
CVSS Score
6.5
EPSS Score
0.016
Published
2016-02-01
CVE-2015-8781
tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds write) via an invalid number of samples per pixel in a LogL compressed TIFF image, a different vulnerability than CVE-2015-8782.
CVSS Score
6.5
EPSS Score
0.021
Published
2016-02-01
CVE-2015-8668
Heap-based buffer overflow in the PackBitsPreEncode function in tif_packbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a large width field in a BMP image.
CVSS Score
9.8
EPSS Score
0.074
Published
2016-01-08
CVE-2014-9330
Integer overflow in tif_packbits.c in bmp2tif in libtiff 4.0.3 allows remote attackers to cause a denial of service (crash) via crafted BMP image, related to dimensions, which triggers an out-of-bounds read.
CVSS Score
5.0
EPSS Score
0.012
Published
2015-01-20
CVE-2013-4244
The LZW decompressor in the gif2tiff tool in libtiff 4.0.3 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted GIF image.
CVSS Score
6.8
EPSS Score
0.006
Published
2013-09-28
CVE-2013-4232
Use-after-free vulnerability in the t2p_readwrite_pdf_image function in tools/tiff2pdf.c in libtiff 4.0.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted TIFF image.
CVSS Score
6.8
EPSS Score
0.017
Published
2013-09-10
CVE-2013-4243
Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted height and width values in a GIF image.
CVSS Score
6.8
EPSS Score
0.186
Published
2013-09-10
CVE-2012-4564
ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based buffer overflow.
CVSS Score
6.8
EPSS Score
0.265
Published
2012-11-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved