Libtiff: >> Libtiff >> 4.0.6 Security Vulnerabilities
The putcontig8bitCIELab function in tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a packed TIFF image.
CVSS Score
5.5
EPSS Score
0.002
Published
2016-04-13
tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via the SamplesPerPixel tag in a TIFF image.
CVSS Score
5.5
EPSS Score
0.002
Published
2016-04-13
The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff5.tif.
CVSS Score
6.5
EPSS Score
0.044
Published
2016-04-13
tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds reads) via a crafted TIFF image.
CVSS Score
6.5
EPSS Score
0.007
Published
2016-02-01
tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds writes) via a crafted TIFF image, a different vulnerability than CVE-2015-8781.
CVSS Score
6.5
EPSS Score
0.016
Published
2016-02-01
tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds write) via an invalid number of samples per pixel in a LogL compressed TIFF image, a different vulnerability than CVE-2015-8782.
CVSS Score
6.5
EPSS Score
0.021
Published
2016-02-01
Heap-based buffer overflow in the PackBitsPreEncode function in tif_packbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a large width field in a BMP image.
CVSS Score
9.8
EPSS Score
0.111
Published
2016-01-08
The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image.
CVSS Score
9.8
EPSS Score
0.005
Published
2016-01-08
Page 11