Libtiff : Security Vulnerabilities, CVEs, Published In 2011
Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value.
Max CVSS
6.8
EPSS Score
23.94%
Published
2011-03-28
Updated
2023-02-13
Integer overflow in the ReadDirectory function in tiffdump.c in tiffdump in LibTIFF before 3.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF file containing a directory data structure with many directory entries.
Max CVSS
4.3
EPSS Score
4.48%
Published
2011-05-03
Updated
2023-02-13
Heap-based buffer overflow in tif_ojpeg.c in the OJPEG decoder in LibTIFF before 3.9.5 allows remote attackers to execute arbitrary code via a crafted TIFF file.
Max CVSS
6.8
EPSS Score
26.80%
Published
2011-05-03
Updated
2023-02-13
3 vulnerabilities found