LibTIFF before 3.9.2-5.2.1 in SUSE openSUSE 11.3 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted TIFF image.
Max CVSS
6.8
EPSS Score
2.53%
Published
2010-09-28
Updated
2018-10-30
LibTIFF 3.9.0 ignores tags in certain situations during the first stage of TIFF file processing and does not properly handle this during the second stage, which allows remote attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2010-2481.
Max CVSS
4.3
EPSS Score
0.53%
Published
2010-07-06
Updated
2013-05-15
The TIFFReadDirectory function in LibTIFF 3.9.0 does not properly validate the data types of codec-specific tags that have an out-of-order position in a TIFF file, which allows remote attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2010-2481.
Max CVSS
4.3
EPSS Score
1.22%
Published
2010-07-06
Updated
2013-05-15
The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image, related to "downsampled OJPEG input" and possibly related to a compiler optimization that triggers a divide-by-zero error.
Max CVSS
4.3
EPSS Score
1.93%
Published
2010-07-02
Updated
2013-05-15
The OJPEGPostDecode function in tif_ojpeg.c in LibTIFF 3.9.0 and 3.9.2, as used in tiff2ps, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted TIFF image, related to "downsampled OJPEG input."
Max CVSS
4.3
EPSS Score
1.05%
Published
2010-07-02
Updated
2013-05-15
The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers an array index error, related to "downsampled OJPEG input."
Max CVSS
4.3
EPSS Score
2.40%
Published
2010-07-02
Updated
2013-05-15
The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a TIFF file with an invalid combination of SamplesPerPixel and Photometric values.
Max CVSS
4.3
EPSS Score
2.77%
Published
2010-07-06
Updated
2023-02-13
LibTIFF 3.9.4 and earlier does not properly handle an invalid td_stripbytecount field, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted TIFF file, a different vulnerability than CVE-2010-2443.
Max CVSS
4.3
EPSS Score
11.13%
Published
2010-07-06
Updated
2023-02-13
The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF directory entries, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF file.
Max CVSS
4.3
EPSS Score
1.32%
Published
2010-07-06
Updated
2023-02-13
The OJPEGReadBufferFill function in tif_ojpeg.c in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an OJPEG image with undefined strip offsets, related to the TIFFVGetField function.
Max CVSS
5.0
EPSS Score
4.95%
Published
2010-06-24
Updated
2013-05-15
tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not properly perform vertical flips, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF image, related to "downsampled OJPEG input."
Max CVSS
7.5
EPSS Score
18.65%
Published
2010-07-02
Updated
2023-02-13
Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long EXIF SubjectDistance field in a TIFF file.
Max CVSS
6.8
EPSS Score
2.76%
Published
2010-06-24
Updated
2023-02-13
Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow.
Max CVSS
6.8
EPSS Score
5.06%
Published
2010-06-24
Updated
2013-05-15
13 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!