Libtiff : Security vulnerabilities, CVEs published in 2011

Copy

CVE-2011-1167

Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value.

Max CVSS

6.8

EPSS Score

23.94%

Published

2011-03-28

Updated

2023-02-13

CVE-2010-4665

Integer overflow in the ReadDirectory function in tiffdump.c in tiffdump in LibTIFF before 3.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF file containing a directory data structure with many directory entries.

Max CVSS

4.3

EPSS Score

4.48%

Published

2011-05-03

Updated

2023-02-13

CVE-2009-5022

Heap-based buffer overflow in tif_ojpeg.c in the OJPEG decoder in LibTIFF before 3.9.5 allows remote attackers to execute arbitrary code via a crafted TIFF file.

Max CVSS

6.8

EPSS Score

26.80%

Published

2011-05-03

Updated

2023-02-13

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!