CVE-2022-1354
Published 2022-08-31
Medium 5.5 (CVSS 3.1): AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
A heap buffer overflow flaw was found in LibTIFF's tiffinfo.c, in the TIFFReadRawDataStriped() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow issue and causing a crash that leads to a denial of service.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | tiff | < tiff 4.3.0-7 (bookworm) | tiff 4.3.0-7 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| libtiff | libtiff | < 4.4.0 | 4.4.0 |
| libtiff | libtiff | — | — |
| redhat | enterprise_linux | — | — |
CVSS provenance
nvd: v3.1, 5.5 MEDIUM, CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv: 7.5 HIGH
OSV
tiff vulnerabilities
osv·2022-09-20·CVSS 7.5
CVE-2020-19131 [HIGH] tiff vulnerabilities
It was discovered that LibTIFF was not properly performing the calculation
of data that would eventually be used as a reference for bound-checking
operations. An attacker could possibly use this issue to cause a denial of
service or to expose sensitive information. This issue only affected Ubuntu
18.04 LTS. (CVE-2020-19131)
It was discovered that LibTIFF was not properly terminating a function
execution when processing incorrect data. An attacker could possibly use
this issue to cause a denial of service or to expose sensitive information.
This issue only affected Ubuntu 18.04 LTS. (CVE-2020-19144)
It was discovered that LibTIFF did not properly manage memory under certain
circumstances. If a user were tricked into opening a specially crafted TIFF
file using tiffinf
GHSA
GHSA-8g2j-v7wm-mhv5: A heap buffer overflow flaw was found in LibTIFF's tiffinfo
ghsa_unreviewed·2022-09-01
CVE-2022-1354 [MEDIUM] CWE-125 GHSA-8g2j-v7wm-mhv5: A heap buffer overflow flaw was found in LibTIFF's tiffinfo
A heap buffer overflow flaw was found in LibTIFF's tiffinfo.c, in the TIFFReadRawDataStriped() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow issue and causing a crash that leads to a denial of service.
OSV
CVE-2022-1354: A heap buffer overflow flaw was found in LibTIFF's tiffinfo
osv·2022-08-31·CVSS 5.5
CVE-2022-1354 [MEDIUM] CVE-2022-1354: A heap buffer overflow flaw was found in LibTIFF's tiffinfo
A heap buffer overflow flaw was found in LibTIFF's tiffinfo.c, in the TIFFReadRawDataStriped() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow issue and causing a crash that leads to a denial of service.
Ubuntu
LibTIFF vulnerabilities
vendor_ubuntu·2022-09-20·CVSS 7.5
CVE-2020-19144 [HIGH] LibTIFF vulnerabilities
Title: LibTIFF vulnerabilities
Summary: Several security issues were fixed in LibTIFF.
It was discovered that LibTIFF was not properly performing the calculation
of data that would eventually be used as a reference for bound-checking
operations. An attacker could possibly use this issue to cause a denial of
service or to expose sensitive information. This issue only affected Ubuntu
18.04 LTS. (CVE-2020-19131)
It was discovered that LibTIFF was not properly terminating a function
execution when processing incorrect data. An attacker could possibly use
this issue to cause a denial of service or to expose sensitive information.
This issue only affected Ubuntu 18.04 LTS. (CVE-2020-19144)
It was discovered that LibTIFF did not properly manage memory under certain
circumstances. If a user we
Red Hat
libtiff: heap-buffer-overflow in TIFFReadRawDataStriped() in tiffinfo.c
vendor_redhat·2022-04-12·CVSS 5.5
CVE-2022-1354 [MEDIUM] CWE-125 libtiff: heap-buffer-overflow in TIFFReadRawDataStriped() in tiffinfo.c
A heap buffer overflow flaw was found in LibTIFF's tiffinfo.c, in the TIFFReadRawDataStriped() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow issue and causing a crash that leads to a denial of service.
Statement: In order to successfully exploit this vulnerability, the attacker needs to create a specially crafted TIFF file designed to exploit the buffer overflow in the TIFFRea
Debian
CVE-2022-1354: tiff - A heap buffer overflow flaw was found in LibTIFF's tiffinfo.c in TIFFReadRawData...
vendor_debian·2022·CVSS 5.5
CVE-2022-1354 [MEDIUM] CVE-2022-1354: tiff - A heap buffer overflow flaw was found in LibTIFF's tiffinfo.c in TIFFReadRawData...
A heap buffer overflow flaw was found in LibTIFF's tiffinfo.c, in the TIFFReadRawDataStriped() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow issue and causing a crash that leads to a denial of service.
Scope: local
bookworm: resolved (fixed in 4.3.0-7)
bullseye: resolved (fixed in 4.2.0-1+deb11u3)
forky: resolved (fixed in 4.3.0-7)
sid: resolved (fixed in 4.3.0-7)
trixie: resolved (fixed in 4.3.0-7)
References
https://access.redhat.com/security/cve/CVE-2022-1354
https://bugzilla.redhat.com/show_bug.cgi?id=2074404
https://gitlab.com/libtiff/libtiff/-/commit/87f580f39011109b3bb5f6eca13fac543a542798
https://gitlab.com/libtiff/libtiff/-/issues/319
https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html
https://security.gentoo.org/glsa/202210-10
https://security.netapp.com/advisory/ntap-20221014-0007/
https://www.debian.org/security/2023/dsa-5333