Download
| Alert*
|
oval:org.secpod.oval:def:39718
The host is missing a security update according to Apple advisory, APPLE-SA-2017-03-27-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:39710 The host is installed with Apple Mac OS X or Server 10.12.3 and is prone to a t2p_process_jpeg_strip heap buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:204091 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ... oval:org.secpod.oval:def:602743 Multiple vulnerabilities have been discovered in the libtiff library and the included tools tiff2rgba, rgb2ycbcr, tiffcp, tiffcrop, tiff2pdf and tiffsplit, which may result in denial of service, memory disclosure or the execution of arbitrary code. There were additional vulnerabilities in the tools ... oval:org.secpod.oval:def:1600515 Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an application linked against libtiff into processing specially crafted files. Multiple flaws have been discovered in va ... oval:org.secpod.oval:def:204092 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ... oval:org.secpod.oval:def:2101319 tools/tiff2pdf.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers in t2p_process_jpeg_strip(). Reported as MSVR 35098, aka "t2p_process_jpeg_strip heap-buffer-overflow." oval:org.secpod.oval:def:51731 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:501973 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ... oval:org.secpod.oval:def:1501752 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501753 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:703489 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:89002449 This update for tiff fixes the following issues: - CVE-2016-9453: The t2p_readwrite_pdf_image_tile function allowed remote attackers to cause a denial of service or possibly execute arbitrary code via a JPEG file with a TIFFTAG_JPEGTABLES of length one . - CVE-2016-5652: An exploitable heap-based b ... |
