Libtiff

libtiff

Vendor: Libtiff • 262 CVEs

CVEs (262)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2010-4665 1Libtiff 1Libtiff Apr 29, 2026 May 3, 2011 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Integer overflow in the ReadDirectory function in tiffdump.c in tiffdump in LibTIFF before 3.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a cr...Show more Integer overflow in the ReadDirectory function in tiffdump.c in tiffdump in LibTIFF before 3.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF file containing a directory data structure with many directory entries.Show less
CVE-2009-5022 1Libtiff 1Libtiff Apr 29, 2026 May 3, 2011 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Heap-based buffer overflow in tif_ojpeg.c in the OJPEG decoder in LibTIFF before 3.9.5 allows remote attackers to execute arbitrary code via a crafted TIFF file.
CVE-2011-1167 1Libtiff 1Libtiff Apr 29, 2026 Mar 28, 2011 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that...Show more Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value.Show less
CVE-2010-3087 2Libtiff Opensuse 2Libtiff Opensuse Apr 29, 2026 Sep 28, 2010 N/A· v4 N/A· v3 6.8 MEDIUM· v2 LibTIFF before 3.9.2-5.2.1 in SUSE openSUSE 11.3 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted TIFF image.
CVE-2010-2631 1Libtiff 1Libtiff Apr 29, 2026 Jul 6, 2010 N/A· v4 N/A· v3 4.3 MEDIUM· v2 LibTIFF 3.9.0 ignores tags in certain situations during the first stage of TIFF file processing and does not properly handle this during the second stage, which allows remote attackers to cause a denial of service (appli...Show more LibTIFF 3.9.0 ignores tags in certain situations during the first stage of TIFF file processing and does not properly handle this during the second stage, which allows remote attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2010-2481.Show less
CVE-2010-2630 1Libtiff 1Libtiff Apr 29, 2026 Jul 6, 2010 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The TIFFReadDirectory function in LibTIFF 3.9.0 does not properly validate the data types of codec-specific tags that have an out-of-order position in a TIFF file, which allows remote attackers to cause a denial of servi...Show more The TIFFReadDirectory function in LibTIFF 3.9.0 does not properly validate the data types of codec-specific tags that have an out-of-order position in a TIFF file, which allows remote attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2010-2481.Show less
CVE-2010-2483 1Libtiff 1Libtiff Apr 29, 2026 Jul 6, 2010 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a TIFF file with an invalid combination of SamplesPerPixel and Photometri...Show more The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a TIFF file with an invalid combination of SamplesPerPixel and Photometric values.Show less
CVE-2010-2482 1Libtiff 1Libtiff Apr 29, 2026 Jul 6, 2010 N/A· v4 N/A· v3 4.3 MEDIUM· v2 LibTIFF 3.9.4 and earlier does not properly handle an invalid td_stripbytecount field, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted TIFF file,...Show more LibTIFF 3.9.4 and earlier does not properly handle an invalid td_stripbytecount field, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted TIFF file, a different vulnerability than CVE-2010-2443.Show less
CVE-2010-2481 1Libtiff 1Libtiff Apr 29, 2026 Jul 6, 2010 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF directory entries, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash...Show more The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF directory entries, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF file.Show less
CVE-2010-2597 1Libtiff 1Libtiff Apr 29, 2026 Jul 2, 2010 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF...Show more The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image, related to "downsampled OJPEG input" and possibly related to a compiler optimization that triggers a divide-by-zero error.Show less
CVE-2010-2596 1Libtiff 1Libtiff Apr 29, 2026 Jul 2, 2010 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The OJPEGPostDecode function in tif_ojpeg.c in LibTIFF 3.9.0 and 3.9.2, as used in tiff2ps, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted TIFF image, related...Show more The OJPEGPostDecode function in tif_ojpeg.c in LibTIFF 3.9.0 and 3.9.2, as used in tiff2ps, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted TIFF image, related to "downsampled OJPEG input."Show less
CVE-2010-2595 1Libtiff 1Libtiff Apr 29, 2026 Jul 2, 2010 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service (application crash)...Show more The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers an array index error, related to "downsampled OJPEG input."Show less
CVE-2010-2233 1Libtiff 1Libtiff Apr 29, 2026 Jul 2, 2010 N/A· v4 N/A· v3 7.5 HIGH· v2 tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not properly perform vertical flips, which allows remote attackers to cause a denial of service (application crash) or possibly...Show more tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not properly perform vertical flips, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF image, related to "downsampled OJPEG input."Show less
CVE-2010-2443 1Libtiff 1Libtiff Apr 29, 2026 Jun 24, 2010 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The OJPEGReadBufferFill function in tif_ojpeg.c in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an OJPEG image with undefined strip offset...Show more The OJPEGReadBufferFill function in tif_ojpeg.c in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an OJPEG image with undefined strip offsets, related to the TIFFVGetField function.Show less
CVE-2010-2067 2Canonical Libtiff 2Libtiff Ubuntu Linux Apr 29, 2026 Jun 24, 2010 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code vi...Show more Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long EXIF SubjectDistance field in a TIFF file.Show less
CVE-2010-2065 1Libtiff 1Libtiff Apr 29, 2026 Jun 24, 2010 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer...Show more Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow.Show less
CVE-2009-2347 1Libtiff 1Libtiff Apr 23, 2026 Jul 14, 2009 N/A· v4 N/A· v3 9.3 HIGH· v2 Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large (1) width and (2) heigh...Show more Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large (1) width and (2) height values, which triggers a heap-based buffer overflow in the (a) cvt_whole_image function in tiff2rgba and (b) tiffcvt function in rgb2ycbcr.Show less
CVE-2009-2285 1Libtiff 1Libtiff Apr 23, 2026 Jul 1, 2009 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327.
CVE-2008-2327 1Libtiff 1Libtiff Apr 23, 2026 Aug 27, 2008 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary...Show more Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.Show less
CVE-2006-3465 1Libtiff 1Libtiff Apr 16, 2026 Aug 3, 2006 N/A· v4 N/A· v3 7.5 HIGH· v2 Unspecified vulnerability in the custom tag support for the TIFF library (libtiff) before 3.8.2 allows remote attackers to cause a denial of service (instability or crash) and execute arbitrary code via unknown vectors.

Previous 1...10 111213 14 Next