Shodan
Vulnerabilities
Vulnerable Software
Libtiff:  >> Libtiff  >> 4.0.6  Security Vulnerabilities
CVE-2016-5318
Stack-based buffer overflow in the _TIFFVGetField function in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted tiff.
CVSS Score
6.5
EPSS Score
0.009
Published
2017-01-20
CVE-2016-5319
Heap-based buffer overflow in tif_packbits.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted bmp file.
CVSS Score
6.5
EPSS Score
0.005
Published
2017-01-20
CVE-2016-5321
The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service (invalid read and crash) via a crafted tiff image.
CVSS Score
6.5
EPSS Score
0.002
Published
2017-01-20
CVE-2016-5323
The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted Tiff image.
CVSS Score
7.5
EPSS Score
0.011
Published
2017-01-20
CVE-2016-9273
tiffsplit in libtiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file, related to changing td_nstrips in TIFF_STRIPCHOP mode.
CVSS Score
5.5
EPSS Score
0.005
Published
2017-01-18
CVE-2016-9297
The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII tag values.
CVSS Score
7.5
EPSS Score
0.006
Published
2017-01-18
CVE-2016-5652
An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved TIFF file delivered by other means.
CVSS Score
7.0
EPSS Score
0.064
Published
2017-01-06
CVE-2016-9540
tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. Reported as MSVR 35103, aka "cpStripToTile heap-buffer-overflow."
CVSS Score
9.8
EPSS Score
0.002
Published
2016-11-22
CVE-2016-9539
tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in readContigTilesIntoBuffer(). Reported as MSVR 35092.
CVSS Score
9.8
EPSS Score
0.004
Published
2016-11-22
CVE-2016-9538
tools/tiffcrop.c in libtiff 4.0.6 reads an undefined buffer in readContigStripsIntoBuffer() because of a uint16 integer overflow. Reported as MSVR 35100.
CVSS Score
9.8
EPSS Score
0.004
Published
2016-11-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved