Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2008-2327

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-27 Aug, 2008 | 20:00
Updated At-07 Aug, 2024 | 08:58
Rejected At-
Credits

Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:27 Aug, 2008 | 20:00
Updated At:07 Aug, 2024 | 08:58
Rejected At:
▼CVE Numbering Authority (CNA)

Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://sunsolve.sun.com/search/document.do?assetkey=1-26-265030-1
vendor-advisory
x_refsource_SUNALERT
http://secunia.com/advisories/31670
third-party-advisory
x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDVSA-2008:184
vendor-advisory
x_refsource_MANDRIVA
http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html
vendor-advisory
x_refsource_APPLE
http://www.securityfocus.com/archive/1/496033/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://secunia.com/advisories/31838
third-party-advisory
x_refsource_SECUNIA
http://bugs.gentoo.org/show_bug.cgi?id=234080
x_refsource_CONFIRM
http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html
vendor-advisory
x_refsource_APPLE
http://secunia.com/advisories/31982
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/31698
third-party-advisory
x_refsource_SECUNIA
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00121.html
vendor-advisory
x_refsource_FEDORA
http://www.vupen.com/english/advisories/2008/2971
vdb-entry
x_refsource_VUPEN
http://www.us-cert.gov/cas/techalerts/TA08-260A.html
third-party-advisory
x_refsource_CERT
http://www.vupen.com/english/advisories/2008/2776
vdb-entry
x_refsource_VUPEN
http://www.vmware.com/security/advisories/VMSA-2008-0017.html
x_refsource_MISC
http://www.redhat.com/support/errata/RHSA-2008-0863.html
vendor-advisory
x_refsource_REDHAT
http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html
vendor-advisory
x_refsource_APPLE
http://secunia.com/advisories/31623
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2008/2584
vdb-entry
x_refsource_VUPEN
http://security-tracker.debian.net/tracker/CVE-2008-2327
x_refsource_CONFIRM
http://www.securitytracker.com/id?1020750
vdb-entry
x_refsource_SECTRACK
http://www.securityfocus.com/archive/1/497962/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://www.vupen.com/english/advisories/2008/3107
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/31610
third-party-advisory
x_refsource_SECUNIA
http://www.securityfocus.com/bid/30832
vdb-entry
x_refsource_BID
http://security-tracker.debian.net/tracker/DTSA-160-1
x_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11489
vdb-entry
signature
x_refsource_OVAL
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html
vendor-advisory
x_refsource_SUSE
http://www.vupen.com/english/advisories/2008/3232
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/31882
third-party-advisory
x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2008-0848.html
vendor-advisory
x_refsource_REDHAT
http://secunia.com/advisories/31668
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/2143
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/32706
third-party-advisory
x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5514
vdb-entry
signature
x_refsource_OVAL
http://www.debian.org/security/2008/dsa-1632
vendor-advisory
x_refsource_DEBIAN
http://support.apple.com/kb/HT3318
x_refsource_CONFIRM
http://security-tracker.debian.net/tracker/DSA-1632-1
x_refsource_CONFIRM
http://support.apple.com/kb/HT3298
x_refsource_CONFIRM
http://www.ubuntu.com/usn/usn-639-1
vendor-advisory
x_refsource_UBUNTU
http://www.redhat.com/support/errata/RHSA-2008-0847.html
vendor-advisory
x_refsource_REDHAT
http://support.apple.com/kb/HT3276
x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2008/2438
vdb-entry
x_refsource_VUPEN
https://bugzilla.redhat.com/show_bug.cgi?id=458674
x_refsource_CONFIRM
http://secunia.com/advisories/32756
third-party-advisory
x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200809-07.xml
vendor-advisory
x_refsource_GENTOO
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00102.html
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-265030-1
Resource:
vendor-advisory
x_refsource_SUNALERT
Hyperlink: http://secunia.com/advisories/31670
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:184
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://www.securityfocus.com/archive/1/496033/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://secunia.com/advisories/31838
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://bugs.gentoo.org/show_bug.cgi?id=234080
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://secunia.com/advisories/31982
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/31698
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00121.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://www.vupen.com/english/advisories/2008/2971
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA08-260A.html
Resource:
third-party-advisory
x_refsource_CERT
Hyperlink: http://www.vupen.com/english/advisories/2008/2776
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.vmware.com/security/advisories/VMSA-2008-0017.html
Resource:
x_refsource_MISC
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0863.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://secunia.com/advisories/31623
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2008/2584
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://security-tracker.debian.net/tracker/CVE-2008-2327
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securitytracker.com/id?1020750
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://www.securityfocus.com/archive/1/497962/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.vupen.com/english/advisories/2008/3107
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/31610
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securityfocus.com/bid/30832
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://security-tracker.debian.net/tracker/DTSA-160-1
Resource:
x_refsource_CONFIRM
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11489
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.vupen.com/english/advisories/2008/3232
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/31882
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0848.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://secunia.com/advisories/31668
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2009/2143
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/32706
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5514
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://www.debian.org/security/2008/dsa-1632
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://support.apple.com/kb/HT3318
Resource:
x_refsource_CONFIRM
Hyperlink: http://security-tracker.debian.net/tracker/DSA-1632-1
Resource:
x_refsource_CONFIRM
Hyperlink: http://support.apple.com/kb/HT3298
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.ubuntu.com/usn/usn-639-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0847.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://support.apple.com/kb/HT3276
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.vupen.com/english/advisories/2008/2438
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=458674
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/32756
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://security.gentoo.org/glsa/glsa-200809-07.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00102.html
Resource:
vendor-advisory
x_refsource_FEDORA
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://sunsolve.sun.com/search/document.do?assetkey=1-26-265030-1
vendor-advisory
x_refsource_SUNALERT
x_transferred
http://secunia.com/advisories/31670
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2008:184
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://www.securityfocus.com/archive/1/496033/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://secunia.com/advisories/31838
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://bugs.gentoo.org/show_bug.cgi?id=234080
x_refsource_CONFIRM
x_transferred
http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://secunia.com/advisories/31982
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/31698
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00121.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://www.vupen.com/english/advisories/2008/2971
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.us-cert.gov/cas/techalerts/TA08-260A.html
third-party-advisory
x_refsource_CERT
x_transferred
http://www.vupen.com/english/advisories/2008/2776
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.vmware.com/security/advisories/VMSA-2008-0017.html
x_refsource_MISC
x_transferred
http://www.redhat.com/support/errata/RHSA-2008-0863.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://secunia.com/advisories/31623
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2008/2584
vdb-entry
x_refsource_VUPEN
x_transferred
http://security-tracker.debian.net/tracker/CVE-2008-2327
x_refsource_CONFIRM
x_transferred
http://www.securitytracker.com/id?1020750
vdb-entry
x_refsource_SECTRACK
x_transferred
http://www.securityfocus.com/archive/1/497962/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.vupen.com/english/advisories/2008/3107
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/31610
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securityfocus.com/bid/30832
vdb-entry
x_refsource_BID
x_transferred
http://security-tracker.debian.net/tracker/DTSA-160-1
x_refsource_CONFIRM
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11489
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.vupen.com/english/advisories/2008/3232
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/31882
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.redhat.com/support/errata/RHSA-2008-0848.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://secunia.com/advisories/31668
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2009/2143
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/32706
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5514
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://www.debian.org/security/2008/dsa-1632
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://support.apple.com/kb/HT3318
x_refsource_CONFIRM
x_transferred
http://security-tracker.debian.net/tracker/DSA-1632-1
x_refsource_CONFIRM
x_transferred
http://support.apple.com/kb/HT3298
x_refsource_CONFIRM
x_transferred
http://www.ubuntu.com/usn/usn-639-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://www.redhat.com/support/errata/RHSA-2008-0847.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://support.apple.com/kb/HT3276
x_refsource_CONFIRM
x_transferred
http://www.vupen.com/english/advisories/2008/2438
vdb-entry
x_refsource_VUPEN
x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=458674
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/32756
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://security.gentoo.org/glsa/glsa-200809-07.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00102.html
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-265030-1
Resource:
vendor-advisory
x_refsource_SUNALERT
x_transferred
Hyperlink: http://secunia.com/advisories/31670
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:184
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/496033/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://secunia.com/advisories/31838
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://bugs.gentoo.org/show_bug.cgi?id=234080
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://secunia.com/advisories/31982
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/31698
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00121.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2008/2971
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA08-260A.html
Resource:
third-party-advisory
x_refsource_CERT
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2008/2776
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.vmware.com/security/advisories/VMSA-2008-0017.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0863.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://secunia.com/advisories/31623
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2008/2584
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://security-tracker.debian.net/tracker/CVE-2008-2327
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securitytracker.com/id?1020750
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/497962/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2008/3107
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/31610
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securityfocus.com/bid/30832
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://security-tracker.debian.net/tracker/DTSA-160-1
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11489
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2008/3232
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/31882
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0848.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://secunia.com/advisories/31668
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2009/2143
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/32706
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5514
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://www.debian.org/security/2008/dsa-1632
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://support.apple.com/kb/HT3318
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://security-tracker.debian.net/tracker/DSA-1632-1
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://support.apple.com/kb/HT3298
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.ubuntu.com/usn/usn-639-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0847.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://support.apple.com/kb/HT3276
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2008/2438
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=458674
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/32756
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://security.gentoo.org/glsa/glsa-200809-07.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00102.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:27 Aug, 2008 | 20:41
Updated At:11 Oct, 2018 | 20:40

Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.06.8MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 6.8
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
CPE Matches
LibTIFF
libtiff
>>libtiff>>Versions up to 3.8.2(inclusive)
cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.4
cpe:2.3:a:libtiff:libtiff:3.4:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.5.1
cpe:2.3:a:libtiff:libtiff:3.5.1:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.5.2
cpe:2.3:a:libtiff:libtiff:3.5.2:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.5.3
cpe:2.3:a:libtiff:libtiff:3.5.3:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.5.4
cpe:2.3:a:libtiff:libtiff:3.5.4:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.5.5
cpe:2.3:a:libtiff:libtiff:3.5.5:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.5.6
cpe:2.3:a:libtiff:libtiff:3.5.6:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.5.7
cpe:2.3:a:libtiff:libtiff:3.5.7:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.6.0
cpe:2.3:a:libtiff:libtiff:3.6.0:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.6.1
cpe:2.3:a:libtiff:libtiff:3.6.1:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.7.0
cpe:2.3:a:libtiff:libtiff:3.7.0:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.7.1
cpe:2.3:a:libtiff:libtiff:3.7.1:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.8.0
cpe:2.3:a:libtiff:libtiff:3.8.0:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.8.1
cpe:2.3:a:libtiff:libtiff:3.8.1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://bugs.gentoo.org/show_bug.cgi?id=234080cve@mitre.org
N/A
http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.htmlcve@mitre.org
N/A
http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.htmlcve@mitre.org
N/A
http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.htmlcve@mitre.org
N/A
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.htmlcve@mitre.org
N/A
http://secunia.com/advisories/31610cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/31623cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/31668cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/31670cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/31698cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/31838cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/31882cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/31982cve@mitre.org
N/A
http://secunia.com/advisories/32706cve@mitre.org
N/A
http://secunia.com/advisories/32756cve@mitre.org
Vendor Advisory
http://security-tracker.debian.net/tracker/CVE-2008-2327cve@mitre.org
N/A
http://security-tracker.debian.net/tracker/DSA-1632-1cve@mitre.org
N/A
http://security-tracker.debian.net/tracker/DTSA-160-1cve@mitre.org
N/A
http://security.gentoo.org/glsa/glsa-200809-07.xmlcve@mitre.org
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-26-265030-1cve@mitre.org
N/A
http://support.apple.com/kb/HT3276cve@mitre.org
N/A
http://support.apple.com/kb/HT3298cve@mitre.org
N/A
http://support.apple.com/kb/HT3318cve@mitre.org
N/A
http://www.debian.org/security/2008/dsa-1632cve@mitre.org
Patch
http://www.mandriva.com/security/advisories?name=MDVSA-2008:184cve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2008-0847.htmlcve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2008-0848.htmlcve@mitre.org
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2008-0863.htmlcve@mitre.org
Vendor Advisory
http://www.securityfocus.com/archive/1/496033/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/497962/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/bid/30832cve@mitre.org
N/A
http://www.securitytracker.com/id?1020750cve@mitre.org
N/A
http://www.ubuntu.com/usn/usn-639-1cve@mitre.org
N/A
http://www.us-cert.gov/cas/techalerts/TA08-260A.htmlcve@mitre.org
US Government Resource
http://www.vmware.com/security/advisories/VMSA-2008-0017.htmlcve@mitre.org
N/A
http://www.vupen.com/english/advisories/2008/2438cve@mitre.org
Vendor Advisory
http://www.vupen.com/english/advisories/2008/2584cve@mitre.org
Vendor Advisory
http://www.vupen.com/english/advisories/2008/2776cve@mitre.org
Vendor Advisory
http://www.vupen.com/english/advisories/2008/2971cve@mitre.org
Vendor Advisory
http://www.vupen.com/english/advisories/2008/3107cve@mitre.org
Vendor Advisory
http://www.vupen.com/english/advisories/2008/3232cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2009/2143cve@mitre.org
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=458674cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11489cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5514cve@mitre.org
N/A
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00102.htmlcve@mitre.org
N/A
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00121.htmlcve@mitre.org
N/A
Hyperlink: http://bugs.gentoo.org/show_bug.cgi?id=234080
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/31610
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/31623
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/31668
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/31670
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/31698
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/31838
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/31882
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/31982
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/32706
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/32756
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://security-tracker.debian.net/tracker/CVE-2008-2327
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://security-tracker.debian.net/tracker/DSA-1632-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://security-tracker.debian.net/tracker/DTSA-160-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-200809-07.xml
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-265030-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://support.apple.com/kb/HT3276
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://support.apple.com/kb/HT3298
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://support.apple.com/kb/HT3318
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.debian.org/security/2008/dsa-1632
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:184
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0847.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0848.html
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0863.html
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/archive/1/496033/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/497962/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/30832
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1020750
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/usn-639-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA08-260A.html
Source: cve@mitre.org
Resource:
US Government Resource
Hyperlink: http://www.vmware.com/security/advisories/VMSA-2008-0017.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2008/2438
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2008/2584
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2008/2776
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2008/2971
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2008/3107
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2008/3232
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2009/2143
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=458674
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11489
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5514
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00102.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00121.html
Source: cve@mitre.org
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

2047Records found
CVE-2011-1167
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-3.26% / 86.63%
||
7 Day CHG~0.00%
Published-28 Mar, 2011 | 16:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value.

Action-Not Available
Vendor-n/aLibTIFF
Product-libtiffn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-3087
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-1.79% / 81.98%
||
7 Day CHG~0.00%
Published-28 Sep, 2010 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LibTIFF before 3.9.2-5.2.1 in SUSE openSUSE 11.3 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted TIFF image.

Action-Not Available
Vendor-n/aLibTIFFopenSUSE
Product-opensuselibtiffn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-2067
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.80% / 85.55%
||
7 Day CHG~0.00%
Published-23 Jun, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long EXIF SubjectDistance field in a TIFF file.

Action-Not Available
Vendor-n/aLibTIFFCanonical Ltd.
Product-ubuntu_linuxlibtiffn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2009-5022
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-18.78% / 95.04%
||
7 Day CHG~0.00%
Published-03 May, 2011 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in tif_ojpeg.c in the OJPEG decoder in LibTIFF before 3.9.5 allows remote attackers to execute arbitrary code via a crafted TIFF file.

Action-Not Available
Vendor-n/aLibTIFF
Product-libtiffn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-5652
Matching Score-10
Assigner-CERT/CC
ShareView Details
Matching Score-10
Assigner-CERT/CC
CVSS Score-7||HIGH
EPSS-8.06% / 91.77%
||
7 Day CHG~0.00%
Published-06 Jan, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved TIFF file delivered by other means.

Action-Not Available
Vendor-LibTIFF
Product-libtiffLibTiff
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-3990
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.44% / 62.45%
||
7 Day CHG~0.00%
Published-21 Sep, 2016 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the horizontalDifference8 function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image to tiffcp.

Action-Not Available
Vendor-n/aLibTIFFOracle Corporation
Product-libtiffvm_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-10093
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.99% / 75.89%
||
7 Day CHG+0.44%
Published-01 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in tools/tiffcp.c in LibTIFF 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5 and 4.0.6 allows remote attackers to have unspecified impact via a crafted image, which triggers a heap-based buffer overflow.

Action-Not Available
Vendor-n/aLibTIFF
Product-libtiffn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2016-10271
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.42% / 61.04%
||
7 Day CHG~0.00%
Published-24 Mar, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read and buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 1" and libtiff/tif_fax3.c:413:13.

Action-Not Available
Vendor-n/aLibTIFF
Product-libtiffn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10092
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.66% / 81.31%
||
7 Day CHG+1.02%
Published-01 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the readContigStripsIntoBuffer function in tif_unix.c in LibTIFF 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5 and 4.0.6 allows remote attackers to have unspecified impact via a crafted image.

Action-Not Available
Vendor-n/aLibTIFF
Product-libtiffn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-3991
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.38% / 58.58%
||
7 Day CHG~0.00%
Published-21 Sep, 2016 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the loadImage function in the tiffcrop tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image with zero tiles.

Action-Not Available
Vendor-n/aLibTIFFOracle Corporation
Product-libtiffvm_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2013-4244
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.65% / 69.91%
||
7 Day CHG~0.00%
Published-28 Sep, 2013 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The LZW decompressor in the gif2tiff tool in libtiff 4.0.3 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted GIF image.

Action-Not Available
Vendor-n/aLibTIFF
Product-libtiffn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-4243
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-18.63% / 95.02%
||
7 Day CHG~0.00%
Published-10 Sep, 2013 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted height and width values in a GIF image.

Action-Not Available
Vendor-n/aLibTIFFDebian GNU/Linux
Product-libtiffdebian_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-5581
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-1.61% / 81.02%
||
7 Day CHG~0.00%
Published-04 Jan, 2013 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in tif_dir.c in LibTIFF before 4.0.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DOTRANGE tag in a TIFF image.

Action-Not Available
Vendor-n/aLibTIFF
Product-libtiffn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-3401
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.72% / 71.56%
||
7 Day CHG~0.00%
Published-13 Aug, 2012 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow.

Action-Not Available
Vendor-n/aLibTIFF
Product-libtiffn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-4447
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-1.43% / 79.84%
||
7 Day CHG~0.00%
Published-28 Oct, 2012 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format.

Action-Not Available
Vendor-n/aLibTIFF
Product-libtiffn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10272
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.49% / 64.39%
||
7 Day CHG~0.00%
Published-24 Mar, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "WRITE of size 2048" and libtiff/tif_next.c:64:9.

Action-Not Available
Vendor-n/aLibTIFF
Product-libtiffn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-17095
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.97% / 82.77%
||
7 Day CHG~0.00%
Published-02 Dec, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (TIFFSetupStrips heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file.

Action-Not Available
Vendor-n/aLibTIFF
Product-libtiffn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-2065
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-5.58% / 89.93%
||
7 Day CHG~0.00%
Published-23 Jun, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow.

Action-Not Available
Vendor-n/aLibTIFF
Product-libtiffn/a
CVE-2016-10268
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.34% / 55.89%
||
7 Day CHG~0.00%
Published-24 Mar, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 78490" and libtiff/tif_unix.c:115:23.

Action-Not Available
Vendor-n/aLibTIFF
Product-libtiffn/a
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2017-11335
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.23% / 78.37%
||
7 Day CHG~0.00%
Published-16 Jul, 2017 | 04:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a heap based buffer overflow in tools/tiff2pdf.c of LibTIFF 4.0.8 via a PlanarConfig=Contig image, which causes a more than one hundred bytes out-of-bounds write (related to the ZIPDecode function in tif_zip.c). A crafted input may lead to a remote denial of service attack or an arbitrary code execution attack.

Action-Not Available
Vendor-n/aLibTIFF
Product-libtiffn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-9453
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.40% / 59.73%
||
7 Day CHG~0.00%
Published-27 Jan, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The t2p_readwrite_pdf_image_tile function in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a JPEG file with a TIFFTAG_JPEGTABLES of length one.

Action-Not Available
Vendor-n/aopenSUSEDebian GNU/LinuxLibTIFF
Product-debian_linuxopensuselibtiffn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-8331
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-8.1||HIGH
EPSS-4.38% / 88.54%
||
7 Day CHG~0.00%
Published-28 Oct, 2016 | 20:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable remote code execution vulnerability exists in the handling of TIFF images in LibTIFF version 4.0.6. A crafted TIFF document can lead to a type confusion vulnerability resulting in remote code execution. This vulnerability can be triggered via a TIFF file delivered to the application using LibTIFF's tag extension functionality.

Action-Not Available
Vendor-n/aLibTIFF
Product-libtiffLibTIFF 4.0.6
CVE-2016-5314
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.16% / 77.71%
||
7 Day CHG~0.00%
Published-12 Mar, 2018 | 02:00
Updated-06 Aug, 2024 | 01:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr.

Action-Not Available
Vendor-n/aopenSUSERed Hat, Inc.Debian GNU/LinuxLibTIFF
Product-debian_linuxopensuselibtiffenterprise_linuxleapn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-3632
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.18% / 40.37%
||
7 Day CHG~0.00%
Published-21 Sep, 2016 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image.

Action-Not Available
Vendor-n/aLibTIFFOracle Corporation
Product-libtiffvm_servern/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-3621
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.68% / 70.54%
||
7 Day CHG~0.00%
Published-03 Oct, 2016 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The LZWEncode function in tif_lzw.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c lzw" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image.

Action-Not Available
Vendor-n/aLibTIFF
Product-libtiffn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-10269
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.57% / 67.69%
||
7 Day CHG~0.00%
Published-24 Mar, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6 and 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 512" and libtiff/tif_unix.c:340:2.

Action-Not Available
Vendor-n/aLibTIFF
Product-libtiffn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-10270
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.34% / 56.12%
||
7 Day CHG~0.00%
Published-24 Mar, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 8" and libtiff/tif_read.c:523:22.

Action-Not Available
Vendor-n/aLibTIFF
Product-libtiffn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-10094
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.49% / 64.57%
||
7 Day CHG+0.22%
Published-01 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Off-by-one error in the t2p_readwrite_pdf_image_tile function in tools/tiff2pdf.c in LibTIFF 4.0.7 allows remote attackers to have unspecified impact via a crafted image.

Action-Not Available
Vendor-n/aLibTIFF
Product-libtiffn/a
CVE-2012-2113
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-1.45% / 79.95%
||
7 Day CHG~0.00%
Published-22 Jul, 2012 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple integer overflows in tiff2pdf in libtiff before 4.0.2 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.

Action-Not Available
Vendor-n/aLibTIFF
Product-libtiffn/a
CVE-2016-3945
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.03%
||
7 Day CHG~0.00%
Published-21 Sep, 2016 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple integer overflows in the (1) cvt_by_strip and (2) cvt_by_tile functions in the tiff2rgba tool in LibTIFF 4.0.6 and earlier, when -b mode is enabled, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image, which triggers an out-of-bounds write.

Action-Not Available
Vendor-n/aLibTIFFOracle Corporation
Product-libtiffvm_servern/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-787
Out-of-bounds Write
CVE-2013-4232
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-1.67% / 81.37%
||
7 Day CHG~0.00%
Published-10 Sep, 2013 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in the t2p_readwrite_pdf_image function in tools/tiff2pdf.c in libtiff 4.0.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted TIFF image.

Action-Not Available
Vendor-n/aLibTIFFDebian GNU/Linux
Product-libtiffdebian_linuxn/a
CVE-2014-8129
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-0.82% / 73.44%
||
7 Day CHG~0.00%
Published-12 Mar, 2018 | 02:00
Updated-06 Aug, 2024 | 13:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c.

Action-Not Available
Vendor-n/aLibTIFFRed Hat, Inc.Debian GNU/LinuxApple Inc.
Product-enterprise_linux_serveriphone_osdebian_linuxenterprise_linux_server_euslibtiffenterprise_linux_server_ausmac_os_xenterprise_linux_server_tusn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-5360
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.46% / 63.12%
||
7 Day CHG~0.00%
Published-14 Jan, 2018 | 02:00
Updated-05 Aug, 2024 | 05:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick 1.3.27.

Action-Not Available
Vendor-n/aLibTIFFGraphicsMagick
Product-libtiffgraphicsmagickn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2012-4564
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-26.46% / 96.13%
||
7 Day CHG~0.00%
Published-11 Nov, 2012 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based buffer overflow.

Action-Not Available
Vendor-n/aCanonical Ltd.Red Hat, Inc.openSUSELibTIFFDebian GNU/Linux
Product-enterprise_linux_desktopubuntu_linuxenterprise_linux_eusenterprise_linux_workstationlibtiffdebian_linuxopensuseenterprise_linux_servern/a
CVE-2020-35523
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.28% / 50.79%
||
7 Day CHG~0.00%
Published-09 Mar, 2021 | 19:17
Updated-04 Aug, 2024 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Action-Not Available
Vendor-n/aNetApp, Inc.Red Hat, Inc.Debian GNU/LinuxLibTIFF
Product-ontap_select_deploy_administration_utilitylibtiffdebian_linuxenterprise_linuxlibtiff
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2012-1173
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-1.35% / 79.35%
||
7 Day CHG~0.00%
Published-04 Jun, 2012 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the (1) gtTileSeparate or (2) gtStripSeparate function, leading to a heap-based buffer overflow.

Action-Not Available
Vendor-n/aLibTIFF
Product-libtiffn/a
CVE-2019-6128
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.52% / 84.82%
||
7 Day CHG~0.00%
Published-11 Jan, 2019 | 05:00
Updated-04 Aug, 2024 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb.

Action-Not Available
Vendor-n/aopenSUSELibTIFFDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxlibtiffdebian_linuxleapn/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2019-17546
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.38% / 58.83%
||
7 Day CHG~0.00%
Published-14 Oct, 2019 | 01:07
Updated-20 Dec, 2024 | 13:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition.

Action-Not Available
Vendor-osgeon/aLibTIFF
Product-gdallibtiffn/a
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-8905
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.79% / 72.91%
||
7 Day CHG~0.00%
Published-22 Mar, 2018 | 04:00
Updated-05 Aug, 2024 | 07:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps.

Action-Not Available
Vendor-n/aLibTIFFRed Hat, Inc.Debian GNU/LinuxCanonical Ltd.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxlibtiffenterprise_linux_workstationenterprise_linux_desktopn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-18557
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-33.19% / 96.76%
||
7 Day CHG~0.00%
Published-22 Oct, 2018 | 16:00
Updated-05 Aug, 2024 | 11:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size, which leads to a tif_jbig.c JBIGDecode out-of-bounds write.

Action-Not Available
Vendor-n/aLibTIFFDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxlibtiffdebian_linuxn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-17795
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.46% / 80.08%
||
7 Day CHG~0.00%
Published-30 Sep, 2018 | 20:00
Updated-05 Aug, 2024 | 10:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 and earlier allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CVE-2017-9935.

Action-Not Available
Vendor-n/aLibTIFF
Product-libtiffn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-17100
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.53% / 66.40%
||
7 Day CHG~0.00%
Published-16 Sep, 2018 | 21:00
Updated-05 Aug, 2024 | 10:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file.

Action-Not Available
Vendor-n/aLibTIFFDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxlibtiffdebian_linuxn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-17101
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.52% / 65.79%
||
7 Day CHG~0.00%
Published-16 Sep, 2018 | 21:00
Updated-05 Aug, 2024 | 10:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.

Action-Not Available
Vendor-n/aLibTIFFDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxlibtiffdebian_linuxn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-16335
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.59% / 80.91%
||
7 Day CHG~0.00%
Published-02 Sep, 2018 | 03:00
Updated-05 Aug, 2024 | 10:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209.

Action-Not Available
Vendor-n/aLibTIFFDebian GNU/Linux
Product-libtiffdebian_linuxn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-15209
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.60% / 68.61%
||
7 Day CHG~0.00%
Published-08 Aug, 2018 | 04:00
Updated-05 Aug, 2024 | 09:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf.

Action-Not Available
Vendor-n/aLibTIFFDebian GNU/Linux
Product-libtiffdebian_linuxn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-12900
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-11.89% / 93.48%
||
7 Day CHG~0.00%
Published-26 Jun, 2018 | 22:00
Updated-05 Aug, 2024 | 08:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0beta7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via a crafted TIFF file.

Action-Not Available
Vendor-n/aLibTIFFCanonical Ltd.
Product-ubuntu_linuxlibtiffn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-9935
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.01% / 76.23%
||
7 Day CHG~0.00%
Published-26 Jun, 2017 | 12:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can lead to an out-of-bounds read in TIFFCleanup, an invalid free in TIFFClose or t2p_free, memory corruption in t2p_readwrite_pdf_image, or a double free in t2p_free. Given these possibilities, it probably could cause arbitrary code execution.

Action-Not Available
Vendor-n/aDebian GNU/LinuxCanonical Ltd.LibTIFF
Product-ubuntu_linuxdebian_linuxlibtiffn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-7596
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.36% / 57.62%
||
7 Day CHG~0.00%
Published-09 Apr, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.

Action-Not Available
Vendor-n/aLibTIFF
Product-libtiffn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-7601
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.52% / 65.64%
||
7 Day CHG~0.00%
Published-09 Apr, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LibTIFF 4.0.7 has a "shift exponent too large for 64-bit type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.

Action-Not Available
Vendor-n/aLibTIFF
Product-libtiffn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-7592
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.35% / 56.82%
||
7 Day CHG~0.00%
Published-09 Apr, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.

Action-Not Available
Vendor-n/aLibTIFF
Product-libtiffn/a
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 40
  • 41
  • Next
Details not found