cvebase

Debian Tiff vulnerabilities

264 known vulnerabilities affecting debian/tiff.

Total CVEs: 264
CISA KEV: 0
Public exploits: 16
Exploited in wild: 0
Severity breakdown: CRITICAL 16, HIGH 65, MEDIUM 128, LOW 55

Vulnerabilities

Page 4 of 14
CVE-2010-1411 | P3 | MEDIUM | CVSS 6.8 | fixed in tiff 3.9.4-1 (bookworm) | 2010
CVE-2010-1411 [MEDIUM] tiff - Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3, as used in ImageIO in Apple Mac OS X 10.5.8 and Mac OS X 10.6 before 10.6.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file that triggers a heap-based buffer overflow.
Scope: loca
debian
CVE-2016-9539 | P3 | LOW | CVSS 9.8 | fixed in tiff 4.0.7-1 (bookworm) | 2016
CVE-2016-9539 [CRITICAL] tiff - tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in readContigTilesIntoBuffer(). Reported as MSVR 35092.
Scope: local; bookworm: resolved (fixed in 4.0.7-1); bullseye: resolved (fixed in 4.0.7-1); forky: resolved (fixed in 4.0.7-1); sid: resolved (fixed in 4.0.7-1); trixie: resolved (fixed in 4.0.7-1)
debian
CVE-2004-0803 | P3 | HIGH | CVSS 7.5 | fixed in tiff 3.6.1-2 (bookworm) | 2004
CVE-2004-0803 [HIGH] tiff - Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.
Scope: local; bookworm: resolved (fixed in 3.6.1-2); bullseye: resolved (fixed in 3.6.1-2); forky: resolved (fixed in 3.6.1-2); sid: resolved (fixed in 3.6.1-2); tr
debian
CVE-2023-52355 | P3 | HIGH | CVSS 7.5 | fixed in tiff 4.5.1+git230720-4 (forky) | 2023
CVE-2023-52355 [HIGH] tiff - An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB.
Scope: local; bookworm: open; bullseye: open; forky: resolved (fixed in 4.5.1+git230720-4); sid: resolved (fixed in 4.5.1
debian
CVE-2019-6128 | P3 | LOW | CVSS 8.8 | fixed in tiff 4.0.10-4 (bookworm) | 2019
CVE-2019-6128 [HIGH] tiff - The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb.
Scope: local; bookworm: resolved (fixed in 4.0.10-4); bullseye: resolved (fixed in 4.0.10-4); forky: resolved (fixed in 4.0.10-4); sid: resolved (fixed in 4.0.10-4); trixie: resolved (fixed in 4.0.10-4)
debian
CVE-2018-16335 | P3 | HIGH | CVSS 8.8 | fixed in tiff 4.0.9-5 (bookworm) | 2018
CVE-2018-16335 [HIGH] tiff - newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209.
Scope: local; bookworm: resolv
debian
CVE-2018-5360 | P3 | HIGH | CVSS 8.8 | fixed in tiff 4.0.6-3 (bookworm) | 2018
CVE-2018-5360 [HIGH] tiff - LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick 1.3.27.
Scope: local; bookworm: resolved (fixed in 4.0.6-3); bullseye: resolved (fixed in 4.0.6-3); forky: resolved (fixed in 4.0.6-3); sid: resolved (fixed in 4.0.6-3); trixie: resolved (fixed in 4.0.6-3)
debian
CVE-2016-3945 | P3 | HIGH | CVSS 7.8 | fixed in tiff 4.0.7-1 (bookworm) | 2016
CVE-2016-3945 [HIGH] tiff - Multiple integer overflows in the (1) cvt_by_strip and (2) cvt_by_tile functions in the tiff2rgba tool in LibTIFF 4.0.6 and earlier, when -b mode is enabled, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image, which triggers an out-of-bounds write.
Scope: local; bookworm: resolved (fixed in 4.0.7-1); bullseye: res
debian
CVE-2016-9297 | P3 | HIGH | CVSS 7.5 | fixed in tiff 4.0.7-1 (bookworm) | 2016
CVE-2016-9297 [HIGH] tiff - The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII tag values.
Scope: local; bookworm: resolved (fixed in 4.0.7-1); bullseye: resolved (fixed in 4.0.7-1); forky: resolved (fixed in 4.0.7-1); sid: resolved (fixed in 4.0.7-1); trixie: resolved (fixed
debian
CVE-2018-17101 | P3 | HIGH | CVSS 8.8 | fixed in tiff 4.0.9+git181026-1 (bookworm) | 2018
CVE-2018-17101 [HIGH] tiff - An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.
Scope: local; bookworm: resolved (fixed in 4.0.9+git181026-1); bullseye: resolved (fixed in 4.0.9+git181026-1); forky: reso
debian
CVE-2010-2631 | P4 | MEDIUM | CVSS 4.3 | PoC | fixed in tiff 3.9.4-1 (bookworm) | 2010
CVE-2010-2631 [MEDIUM] tiff - LibTIFF 3.9.0 ignores tags in certain situations during the first stage of TIFF file processing and does not properly handle this during the second stage, which allows remote attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2010-2481.
Scope: local; bookworm: resolved (fixed in 3.9.4-1); bullseye: resolved (
debian
CVE-2016-3621 | P3 | LOW | CVSS 8.8 | fixed in tiff 4.0.6-3 (bookworm) | 2016
CVE-2016-3621 [HIGH] tiff - The LZWEncode function in tif_lzw.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c lzw" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image.
Scope: local; bookworm: resolved (fixed in 4.0.6-3); bullseye: resolved (fixed in 4.0.6-3); forky: resolved (fixed in 4.0.6-3); sid: resolved (fixed in 4.0.6-3
debian
CVE-2010-2233 | P3 | HIGH | CVSS 7.5 | fixed in tiff 3.9.4-2 (bookworm) | 2010
CVE-2010-2233 [HIGH] tiff - tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not properly perform vertical flips, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF image, related to "downsampled OJPEG input."
Scope: local; bookworm: resolved (fixed in 3.9.4-2); bullseye: resol
debian
CVE-2016-3624 | P3 | HIGH | CVSS 7.5 | fixed in tiff 4.0.6-3 (bookworm) | 2016
CVE-2016-3624 [HIGH] tiff - The cvtClump function in the rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) by setting the "-v" option to -1.
Scope: local; bookworm: resolved (fixed in 4.0.6-3); bullseye: resolved (fixed in 4.0.6-3); forky: resolved (fixed in 4.0.6-3); sid: resolved (fixed in 4.0.6-3); trixie: resolved (fixed in 4.0.6-3
debian
CVE-2016-10093 | P3 | HIGH | CVSS 7.8 | fixed in tiff 4.0.7-2 (bookworm) | 2016
CVE-2016-10093 [HIGH] tiff - Integer overflow in tools/tiffcp.c in LibTIFF 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5 and 4.0.6 allows remote attackers to have unspecified impact via a crafted image, which triggers a heap-based buffer overflow.
Scope: local; bookworm: resolved (fixed in 4.0.7-2); bu
debian
CVE-2024-7006 | P3 | HIGH | CVSS 7.5 | fixed in tiff 4.5.0-6+deb12u2 (bookworm) | 2024
CVE-2024-7006 [HIGH] tiff - A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a segmentation fault. This can cause an application crash, eventually leading to a denial of service.
Scope: local; bookworm: resolved (f
debian
CVE-2004-1307 | P3 | LOW | CVSS 7.5 | fixed in tiff 3.7.0 (bookworm) | 2004
CVE-2004-1307 [HIGH] tiff - Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.
Scope: local; bookworm: resolved (fixed in 3.7.0); bullseye: resolved (fi
debian
CVE-2017-17942 | P3 | LOW | CVSS 8.8 | fixed in tiff 4.0.6-3 (bookworm) | 2017
CVE-2017-17942 [HIGH] tiff - In LibTIFF 4.0.9, there is a heap-based buffer over-read in the function PackBitsEncode in tif_packbits.c.
Scope: local; bookworm: resolved (fixed in 4.0.6-3); bullseye: resolved (fixed in 4.0.6-3); forky: resolved (fixed in 4.0.6-3); sid: resolved (fixed in 4.0.6-3); trixie: resolved (fixed in 4.0.6-3)
debian
CVE-2016-3623 | P3 | LOW | CVSS 7.5 | fixed in tiff 4.0.6-3 (bookworm) | 2016
CVE-2016-3623 [HIGH] tiff - The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero) by setting the (1) v or (2) h parameter to 0.
Scope: local; bookworm: resolved (fixed in 4.0.6-3); bullseye: resolved (fixed in 4.0.6-3); forky: resolved (fixed in 4.0.6-3); sid: resolved (fixed in 4.0.6-3); trixie: resolved (fixed in 4.0.6-3)
debian
CVE-2006-3461 | P3 | HIGH | CVSS 7.5 | fixed in tiff 3.8.2-6 (bookworm) | 2006
CVE-2006-3461 [HIGH] tiff - Heap-based buffer overflow in the PixarLog decoder in the TIFF library (libtiff) before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors.
Scope: local; bookworm: resolved (fixed in 3.8.2-6); bullseye: resolved (fixed in 3.8.2-6); forky: resolved (fixed in 3.8.2-6); sid: resolved (fixed in 3.8.2-6); trixie: resolved (fixed in 3.8.2-6)
debian