cvebase

Debian Tiff vulnerabilities

264 known vulnerabilities affecting debian/tiff.

Total CVEs: 264
CISA KEV: 0
Public exploits: 16
Exploited in wild: 0
Severity breakdown: CRITICAL 16, HIGH 65, MEDIUM 128, LOW 55

Vulnerabilities

Page 3 of 14
CVE-2010-2630 | P4 | MEDIUM | CVSS 4.3 | PoC | fixed in tiff 3.9.6-1 (bookworm) | 2010
CVE-2010-2630 [MEDIUM] tiff: The TIFFReadDirectory function in LibTIFF 3.9.0 does not properly validate the data types of codec-specific tags that have an out-of-order position in a TIFF file, which allows remote attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2010-2481. Scope: local. bookworm: resolved (fixed in 3.9.6-1); bullseye: r
debian
CVE-2018-17795 | P3 | HIGH | CVSS 8.8 | fixed in tiff 4.0.9-2 (bookworm) | 2018
CVE-2018-17795 [HIGH] tiff: The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 and earlier allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CVE-2017-9935. Scope: local. bookworm: resolved (fixed in 4.0.9-2); bullseye: resolved (fixed in 4.0.9-2); forky:
debian
CVE-2012-2088 | P3 | HIGH | CVSS 7.5 | fixed in tiff 4.0-1 (bookworm) | 2012
CVE-2012-2088 [HIGH] tiff: Integer signedness error in the TIFFReadDirectory function in tif_dirread.c in libtiff 3.9.4 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a negative tile depth in a tiff image, which triggers an improper conversion between signed and unsigned types, leading to a heap-based buffer overflow. Sc
debian
CVE-2017-5563 | P3 | LOW | CVSS 8.8 | fixed in tiff 4.0.7-1 (bookworm) | 2017
CVE-2017-5563 [HIGH] tiff: LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff. Scope: local. bookworm: resolved (fixed in 4.0.7-1); bullseye: resolved (fixed in 4.0.7-1); forky: resolved (fixed in 4.0.7-1); sid: resolved (fixed in 4.0.7-1); trixie: resolved (fixed in 4.0.7-1)
debian
CVE-2025-8176 | P3 | LOW | CVSS 4.8 | fixed in tiff 4.7.1-1 (forky) | 2025
CVE-2025-8176 [MEDIUM] tiff: A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function get_histogram of the file tools/tiffmedian.c. The manipulation leads to use after free. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The patch is identified as fe10872e53efba9cc36c66ac4ab
debian
CVE-2006-2024 | P4 | MEDIUM | CVSS 4.0 | PoC | fixed in tiff 3.8.1 (bookworm) | 2006
CVE-2006-2024 [MEDIUM] tiff: Multiple vulnerabilities in libtiff before 3.8.1 allow context-dependent attackers to cause a denial of service via a TIFF image that triggers errors in (1) the TIFFFetchAnyArray function in (a) tif_dirread.c; (2) certain "codec cleanup methods" in (b) tif_lzw.c, (c) tif_pixarlog.c, and (d) tif_zip.c; (3) and improper restoration of setfield and getfield methods in cle
debian
CVE-2011-1167 | P3 | MEDIUM | CVSS 6.8 | fixed in tiff 3.9.4-9 (bookworm) | 2011
CVE-2011-1167 [MEDIUM] tiff: Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value. Scope: local. bookworm: resolved (fixed in 3.9.4-9); bullseye: resolved (fixed in 3.9.4-9); forky: resolved (fixed
debian
CVE-2013-1961 | P3 | CRITICAL | CVSS 9.3 | fixed in tiff 4.0.2-6+nmu1 (bookworm) | 2013
CVE-2013-1961 [CRITICAL] tiff: Stack-based buffer overflow in the t2p_write_pdf_page function in tiff2pdf in libtiff before 4.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted image length and resolution in a TIFF image file. Scope: local. bookworm: resolved (fixed in 4.0.2-6+nmu1); bullseye: resolved (fixed in 4.0.2-6+nmu1); forky: resolved (fixed in 4.0.2-6+
debian
CVE-2023-25434 | P3 | HIGH | CVSS 8.8 | fixed in tiff 4.5.0-5 (bookworm) | 2023
CVE-2023-25434 [HIGH] tiff: libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215. Scope: local. bookworm: resolved (fixed in 4.5.0-5); bullseye: resolved (fixed in 4.2.0-1+deb11u4); forky: resolved (fixed in 4.5.0-5); sid: resolved (fixed in 4.5.0-5); trixie: resolved (fixed in 4.5.0-5)
debian
CVE-2020-35523 | P3 | HIGH | CVSS 7.8 | fixed in tiff 4.1.0+git201212-1 (bookworm) | 2020
CVE-2020-35523 [HIGH] tiff: An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Scope: local. bookworm: resolved (fixed in 4.1.0+git201212-1); bullseye:
debian
CVE-2020-35524 | P3 | HIGH | CVSS 7.8 | fixed in tiff 4.1.0+git201212-1 (bookworm) | 2020
CVE-2020-35524 [HIGH] tiff: A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Scope: local. bookworm: resolved (fixed in 4.1.0+git201212-1); bullseye: resolved
debian
CVE-2016-6223 | P3 | CRITICAL | CVSS 9.1 | fixed in tiff 4.0.6-2 (bookworm) | 2016
CVE-2016-6223 [CRITICAL] tiff: The TIFFReadRawStrip1 and TIFFReadRawTile1 functions in tif_read.c in libtiff before 4.0.7 allows remote attackers to cause a denial of service (crash) or possibly obtain sensitive information via a negative index in a file-content buffer. Scope: local. bookworm: resolved (fixed in 4.0.6-2); bullseye: resolved (fixed in 4.0.6-2); forky: resolved (fixed in 4.0.6-2); sid:
debian
CVE-2018-15209 | P3 | HIGH | CVSS 8.8 | fixed in tiff 4.0.9-5 (bookworm) | 2018
CVE-2018-15209 [HIGH] tiff: ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. Scope: local. bookworm: resolved (fixed in 4.0.9-5); bullseye: resolved (fixed in 4.0.9-5); forky: resolved (f
debian
CVE-2013-4243 | P3 | LOW | CVSS 6.8 | fixed in tiff 4.0.3-9 (bookworm) | 2013
CVE-2013-4243 [MEDIUM] tiff: Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted height and width values in a GIF image. Scope: local. bookworm: resolved (fixed in 4.0.3-9); bullseye: resolved (fixed in 4.0.3-9); forky: resolved (fixed in
debian
CVE-2016-3990 | P3 | HIGH | CVSS 7.8 | fixed in tiff 4.0.7-1 (bookworm) | 2016
CVE-2016-3990 [HIGH] tiff: Heap-based buffer overflow in the horizontalDifference8 function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image to tiffcp. Scope: local. bookworm: resolved (fixed in 4.0.7-1); bullseye: resolved (fixed in 4.0.7-1); forky: resolved (fixed in 4.0.7-1); sid: resolved
debian
CVE-2016-3991 | P3 | HIGH | CVSS 7.8 | fixed in tiff 4.0.7-1 (bookworm) | 2016
CVE-2016-3991 [HIGH] tiff: Heap-based buffer overflow in the loadImage function in the tiffcrop tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image with zero tiles. Scope: local. bookworm: resolved (fixed in 4.0.7-1); bullseye: resolved (fixed in 4.0.7-1); forky: resolved (fixed in 4.0.7-1); sid
debian
CVE-2016-3632 | P3 | HIGH | CVSS 7.8 | fixed in tiff 4.0.6-3 (bookworm) | 2016
CVE-2016-3632 [HIGH] tiff: The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image. Scope: local. bookworm: resolved (fixed in 4.0.6-3); bullseye: resolved (fixed in 4.0.6-3); forky: resolved (fixed in 4.0.6-3); sid: resolved (fixed in 4.0.6-3); trixie: resolve
debian
CVE-2016-10092 | P3 | HIGH | CVSS 7.8 | fixed in tiff 4.0.7-2 (bookworm) | 2016
CVE-2016-10092 [HIGH] tiff: Heap-based buffer overflow in the readContigStripsIntoBuffer function in tif_unix.c in LibTIFF 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5 and 4.0.6 allows remote attackers to have unspecified impact via a crafted image. Scope: local. bookworm: resolved (fixed in 4.0.7-2
debian
CVE-2014-8129 | P3 | HIGH | CVSS 8.8 | fixed in tiff 4.0.3-12.1 (bookworm) | 2014
CVE-2014-8129 [HIGH] tiff: LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c. Scope: local. bookworm: resolved (fixed in 4.0.3-12.1); bullseye:
debian
CVE-2012-1173 | P3 | MEDIUM | CVSS 6.8 | fixed in tiff 4.0.1-2 (bookworm) | 2012
CVE-2012-1173 [MEDIUM] tiff: Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the (1) gtTileSeparate or (2) gtStripSeparate function, leading to a heap-based buffer overflow. Scope: local. bookworm: resolved (fixed in 4.0.1-2); bullseye: resolved (fixed in 4.0.1-2)
debian