Libtiff : Security Vulnerabilities, CVEs, Published In 2010 (Memory corruption)
LibTIFF before 3.9.2-5.2.1 in SUSE openSUSE 11.3 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted TIFF image.
Max CVSS
6.8
EPSS Score
2.53%
Published
2010-09-28
Updated
2018-10-30
LibTIFF 3.9.4 and earlier does not properly handle an invalid td_stripbytecount field, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted TIFF file, a different vulnerability than CVE-2010-2443.
Max CVSS
4.3
EPSS Score
11.13%
Published
2010-07-06
Updated
2023-02-13
The OJPEGReadBufferFill function in tif_ojpeg.c in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an OJPEG image with undefined strip offsets, related to the TIFFVGetField function.
Max CVSS
5.0
EPSS Score
4.95%
Published
2010-06-24
Updated
2013-05-15
3 vulnerabilities found