Shodan
Vulnerabilities
Vulnerable Software
Libtiff:  >> Libtiff  >> 4.0.6  Security Vulnerabilities
CVE-2016-3632
The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image.
CVSS Score
7.8
EPSS Score
0.003
Published
2016-09-21
CVE-2016-3186
Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted GIF file.
CVSS Score
6.2
EPSS Score
0.008
Published
2016-04-19
CVE-2015-8784
The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image, as demonstrated by libtiff5.tif.
CVSS Score
6.5
EPSS Score
0.015
Published
2016-04-13
CVE-2015-8683
The putcontig8bitCIELab function in tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a packed TIFF image.
CVSS Score
5.5
EPSS Score
0.002
Published
2016-04-13
CVE-2015-8665
tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via the SamplesPerPixel tag in a TIFF image.
CVSS Score
5.5
EPSS Score
0.002
Published
2016-04-13
CVE-2015-1547
The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff5.tif.
CVSS Score
6.5
EPSS Score
0.044
Published
2016-04-13
CVE-2015-8783
tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds reads) via a crafted TIFF image.
CVSS Score
6.5
EPSS Score
0.007
Published
2016-02-01
CVE-2015-8782
tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds writes) via a crafted TIFF image, a different vulnerability than CVE-2015-8781.
CVSS Score
6.5
EPSS Score
0.016
Published
2016-02-01
CVE-2015-8781
tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds write) via an invalid number of samples per pixel in a LogL compressed TIFF image, a different vulnerability than CVE-2015-8782.
CVSS Score
6.5
EPSS Score
0.021
Published
2016-02-01
CVE-2015-8668
Heap-based buffer overflow in the PackBitsPreEncode function in tif_packbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a large width field in a BMP image.
CVSS Score
9.8
EPSS Score
0.048
Published
2016-01-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved