Download
| Alert*
oval:org.secpod.oval:def:89043844
This update for tiff fixes the following security issues: - CVE-2017-5225: Prevent heap buffer overflow in the tools/tiffcp that could have caused DoS or code execution via a crafted BitsPerSample value - CVE-2018-7456: Prevent a NULL Pointer dereference in the function TIFFPrintDirectory when usin ... oval:org.secpod.oval:def:704026 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:1800122 CVE-2016-9273: heap-buffer-overflow in cpStrips. Reference: CVE-2016-9297: segfault in _TIFFPrintField. Reference: CVE-2016-9448: Invalid read of size 1 in TIFFFetchNormalTag. Fix for CVE-2016-9297 introduced this issue. oval:org.secpod.oval:def:2101457 Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted GIF file. oval:org.secpod.oval:def:52019 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:89002449 This update for tiff fixes the following issues: - CVE-2016-9453: The t2p_readwrite_pdf_image_tile function allowed remote attackers to cause a denial of service or possibly execute arbitrary code via a JPEG file with a TIFFTAG_JPEGTABLES of length one . - CVE-2016-5652: An exploitable heap-based b ... oval:org.secpod.oval:def:89002081 This update for tiff to version 4.0.9 fixes the following issues: Security issues fixed: - CVE-2014-8128: Fix out-of-bounds read with malformed TIFF image in multiple tools . - CVE-2015-7554: Fix invalid write in tiffsplit / _TIFFVGetField . - CVE-2016-10095: Fix stack-based buffer overflow in _TIFF ... |