cvebase

Debian Tiff vulnerabilities

264 known vulnerabilities affecting debian/tiff.

Total CVEs: 264
CISA KEV: 0
Public exploits: 16
Exploited in wild: 0
Severity breakdown: CRITICAL 16, HIGH 65, MEDIUM 128, LOW 55

Vulnerabilities

Page 1 of 14
CVE-2006-3459 | P2 | HIGH | CVSS 7.5 | PoC | fixed in tiff 3.8.2-6 (bookworm) | 2006
CVE-2006-3459 [HIGH] tiff - Multiple stack-based buffer overflows in the TIFF library (libtiff) before 3.8.2, as used in Adobe Reader 9.3.0 and other products, allow context-dependent attackers to execute arbitrary code or cause a denial of service via unspecified vectors, including a large tdir_count value in the TIFFFetchShortPair function in tif_dirread.c.
Scope: local bookworm: resolved (fixed
debian
CVE-2018-18557 | P2 | HIGH | CVSS 8.8 | PoC | fixed in tiff 4.0.9+git181026-1 (bookworm) | 2018
CVE-2018-18557 [HIGH] tiff - LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size, which leads to a tif_jbig.c JBIGDecode out-of-bounds write.
Scope: local bookworm: resolved (fixed in
debian
CVE-2017-17095 | P3 | LOW | CVSS 8.8 | PoC | fixed in tiff 4.0.9-5 (bookworm) | 2017
CVE-2017-17095 [HIGH] tiff - tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (TIFFSetupStrips heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file.
Scope: local bookworm: resolved (fixed in 4.0.9-5) bullseye: resolved (fixed in 4.0.9-5) forky: resolved (fixed in 4.0.9-5) sid: resolved (f
debian
CVE-2009-5022 | P3 | MEDIUM | CVSS 6.8 | PoC | fixed in tiff 3.9.5-1 (bookworm) | 2009
CVE-2009-5022 [MEDIUM] tiff - Heap-based buffer overflow in tif_ojpeg.c in the OJPEG decoder in LibTIFF before 3.9.5 allows remote attackers to execute arbitrary code via a crafted TIFF file.
Scope: local bookworm: resolved (fixed in 3.9.5-1) bullseye: resolved (fixed in 3.9.5-1) forky: resolved (fixed in 3.9.5-1) sid: resolved (fixed in 3.9.5-1) trixie: resolved (fixed in 3.9.5-1)
debian
CVE-2017-10688 | P3 | HIGH | CVSS 7.5 | PoC | fixed in tiff 4.0.8-3 (bookworm) | 2017
CVE-2017-10688 [HIGH] tiff - In LibTIFF 4.0.8, there is an assertion abort in the TIFFWriteDirectoryTagCheckedLong8Array function in tif_dirwrite.c. A crafted input will lead to a remote denial of service attack.
Scope: local bookworm: resolved (fixed in 4.0.8-3) bullseye: resolved (fixed in 4.0.8-3) forky: resolved (fixed in 4.0.8-3) sid: resolved (fixed in 4.0.8-3) trixie: resolved (fixed in 4.0.
debian
CVE-2006-2656 | P3 | LOW | CVSS 7.5 | PoC | fixed in tiff 3.8.2-3 (bookworm) | 2006
CVE-2006-2656 [HIGH] tiff - Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and earlier might allow attackers to execute arbitrary code via a long filename. NOTE: tiffsplit is not setuid. If there is not a common scenario under which tiffsplit is called with attacker-controlled command line arguments, then perhaps this issue should not be included in CVE.
Scope: local bo
debian
CVE-2005-1544 | P3 | HIGH | CVSS 7.5 | PoC | fixed in tiff 3.7.2-3 (bookworm) | 2005
CVE-2005-1544 [HIGH] tiff - Stack-based buffer overflow in libTIFF before 3.7.2 allows remote attackers to execute arbitrary code via a TIFF file with a malformed BitsPerSample tag.
Scope: local bookworm: resolved (fixed in 3.7.2-3) bullseye: resolved (fixed in 3.7.2-3) forky: resolved (fixed in 3.7.2-3) sid: resolved (fixed in 3.7.2-3) trixie: resolved (fixed in 3.7.2-3)
debian
CVE-2017-9936 | P3 | MEDIUM | CVSS 6.5 | PoC | fixed in tiff 4.0.8-3 (bookworm) | 2017
CVE-2017-9936 [MEDIUM] tiff - In LibTIFF 4.0.8, there is a memory leak in tif_jbig.c. A crafted TIFF document can lead to a memory leak resulting in a remote denial of service attack.
Scope: local bookworm: resolved (fixed in 4.0.8-3) bullseye: resolved (fixed in 4.0.8-3) forky: resolved (fixed in 4.0.8-3) sid: resolved (fixed in 4.0.8-3) trixie: resolved (fixed in 4.0.8-3)
debian
CVE-2015-8668 | P3 | CRITICAL | CVSS 9.8 | fixed in tiff 4.0.6-3 (bookworm) | 2015
CVE-2015-8668 [CRITICAL] tiff - Heap-based buffer overflow in the PackBitsPreEncode function in tif_packbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a large width field in a BMP image.
Scope: local bookworm: resolved (fixed in 4.0.6-3) bullseye: resolved (fixed in 4.0.6-3) forky: resolved (fixed in 4.0.6-3) sid: r
debian
CVE-2017-9147 | P3 | MEDIUM | CVSS 6.5 | PoC | fixed in tiff 4.0.8-2 (bookworm) | 2017
CVE-2017-9147 [MEDIUM] tiff - LibTIFF 4.0.7 has an invalid read in the _TIFFVGetField function in tif_dir.c, which might allow remote attackers to cause a denial of service (crash) via a crafted TIFF file.
Scope: local bookworm: resolved (fixed in 4.0.8-2) bullseye: resolved (fixed in 4.0.8-2) forky: resolved (fixed in 4.0.8-2) sid: resolved (fixed in 4.0.8-2) trixie: resolved (fixed in 4.0.8-2)
debian
CVE-2006-2025 | P3 | MEDIUM | CVSS 6.5 | PoC | fixed in tiff 3.8.1 (bookworm) | 2006
CVE-2006-2025 [MEDIUM] tiff - Integer overflow in the TIFFFetchData function in tif_dirread.c for libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted TIFF image.
Scope: local bookworm: resolved (fixed in 3.8.1) bullseye: resolved (fixed in 3.8.1) forky: resolved (fixed in 3.8.1) sid: resolved (fixed in 3.8.1) trixie:
debian
CVE-2018-12900 | P3 | HIGH | CVSS 8.8 | fixed in tiff 4.0.10-4 (bookworm) | 2018
CVE-2018-12900 [HIGH] tiff - Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0beta7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via a cr
debian
CVE-2006-2026 | P4 | MEDIUM | CVSS 6.5 | PoC | fixed in tiff 3.8.1 (bookworm) | 2006
CVE-2006-2026 [MEDIUM] tiff - Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers errors related to "setfield/getfield methods in cleanup functions."
Scope: local bookworm: resolved (fixed in 3.8.1) bullseye: resolved (fixed in 3.8.1) forky:
debian
CVE-2016-8331 | P3 | HIGH | CVSS 8.1 | fixed in tiff 4.0.6-3 (bookworm) | 2016
CVE-2016-8331 [HIGH] tiff - An exploitable remote code execution vulnerability exists in the handling of TIFF images in LibTIFF version 4.0.6. A crafted TIFF document can lead to a type confusion vulnerability resulting in remote code execution. This vulnerability can be triggered via a TIFF file delivered to the application using LibTIFF's tag extension functionality.
Scope: local bookworm: resolv
debian
CVE-2025-9900 | P3 | HIGH | CVSS 8.8 | fixed in tiff 4.5.0-6+deb12u3 (bookworm) | 2025
CVE-2025-9900 [HIGH] tiff - A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be
debian
CVE-2016-9533 | P3 | CRITICAL | CVSS 9.8 | fixed in tiff 4.0.7-1 (bookworm) | 2016
CVE-2016-9533 [CRITICAL] tiff - tif_pixarlog.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers. Reported as MSVR 35094, aka "PixarLog horizontalDifference heap-buffer-overflow."
Scope: local bookworm: resolved (fixed in 4.0.7-1) bullseye: resolved (fixed in 4.0.7-1) forky: resolved (fixed in 4.0.7-1) sid: resolved (fixed in 4.0.7-1) trixie: resolved (fixed in 4.0.
debian
CVE-2013-1960 | P3 | CRITICAL | CVSS 9.3 | fixed in tiff 4.0.2-6+nmu1 (bookworm) | 2013
CVE-2013-1960 [CRITICAL] tiff - Heap-based buffer overflow in the t2p_process_jpeg_strip function in tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image file.
Scope: local bookworm: resolved (fixed in 4.0.2-6+nmu1) bullseye: resolved (fixed in 4.0.2-6+nmu1) forky: resolved (fixed in 4.0.2-6+n
debian
CVE-2022-3970 | P3 | MEDIUM | CVSS 6.3 | fixed in tiff 4.4.0-6 (bookworm) | 2022
CVE-2022-3970 [MEDIUM] tiff - A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tif_getimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 227500897dfb07fb7d27f7aa570050e62617
debian
CVE-2016-9540 | P3 | CRITICAL | CVSS 9.8 | fixed in tiff 4.0.7-1 (bookworm) | 2016
CVE-2016-9540 [CRITICAL] tiff - tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. Reported as MSVR 35103, aka "cpStripToTile heap-buffer-overflow."
Scope: local bookworm: resolved (fixed in 4.0.7-1) bullseye: resolved (fixed in 4.0.7-1) forky: resolved (fixed in 4.0.7-1) sid: resolved (fixed in 4.0.7-1) trixie: resolved (fixed in 4.0.
debian
CVE-2016-9536 | P3 | CRITICAL | CVSS 9.8 | fixed in tiff 4.0.7-1 (bookworm) | 2016
CVE-2016-9536 [CRITICAL] tiff - tools/tiff2pdf.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers in t2p_process_jpeg_strip(). Reported as MSVR 35098, aka "t2p_process_jpeg_strip heap-buffer-overflow."
Scope: local bookworm: resolved (fixed in 4.0.7-1) bullseye: resolved (fixed in 4.0.7-1) forky: resolved (fixed in 4.0.7-1) sid: resolved (fixed in 4.0.7-1) trixie:
debian