Information on source package tiff3

Available versions

ReleaseVersion
wheezy3.9.6-11
wheezy (security)3.9.6-11+deb7u7

Open issues

BugwheezyDescription
CVE-2017-9935vulnerableIn LibTIFF 4.0.8, there is a heap-based buffer overflow in the ...
CVE-2017-9815vulnerable (no DSA)In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in ...
CVE-2017-12944vulnerableThe TIFFReadDirEntryArray function in tif_read.c in LibTIFF 4.0.8 ...
CVE-2017-11613vulnerableIn LibTIFF 4.0.8, there is a denial of service vulnerability in the ...
CVE-2017-11335vulnerableThere is a heap based buffer overflow in tools/tiff2pdf.c of LibTIFF ...
CVE-2016-10371vulnerable (no DSA)The TIFFWriteDirectoryTagCheckedRational function in tif_dirwrite.c in ...

Resolved issues

BugDescription
CVE-2017-9936In LibTIFF 4.0.8, there is a memory leak in tif_jbig.c. A crafted TIFF ...
CVE-2017-9404In LibTIFF 4.0.7, a memory leak vulnerability was found in the function ...
CVE-2017-9403In LibTIFF 4.0.7, a memory leak vulnerability was found in the function ...
CVE-2017-9147LibTIFF 4.0.7 has an invalid read in the _TIFFVGetField function in ...
CVE-2017-9117In LibTIFF 4.0.7, the program processes BMP images without verifying ...
CVE-2017-7602LibTIFF 4.0.7 has a signed integer overflow, which might allow remote ...
CVE-2017-7601LibTIFF 4.0.7 has a "shift exponent too large for 64-bit type long" ...
CVE-2017-7600LibTIFF 4.0.7 has an "outside the range of representable values of type ...
CVE-2017-7599LibTIFF 4.0.7 has an "outside the range of representable values of type ...
CVE-2017-7598tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a ...
CVE-2017-7597tif_dirread.c in LibTIFF 4.0.7 has an "outside the range of ...
CVE-2017-7596LibTIFF 4.0.7 has an "outside the range of representable values of type ...
CVE-2017-7595The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows ...
CVE-2017-7594The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in ...
CVE-2017-7593tif_read.c in LibTIFF 4.0.7 does not ensure that tif_rawdata is ...
CVE-2017-7592The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a ...
CVE-2017-10688In LibTIFF 4.0.8, there is a assertion abort in the ...
CVE-2016-9540tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled ...
CVE-2016-9539tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in ...
CVE-2016-9538tools/tiffcrop.c in libtiff 4.0.6 reads an undefined buffer in ...
CVE-2016-9537tools/tiffcrop.c in libtiff 4.0.6 has out-of-bounds write ...
CVE-2016-9536tools/tiff2pdf.c in libtiff 4.0.6 has out-of-bounds write ...
CVE-2016-9535tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that ...
CVE-2016-9534tif_write.c in libtiff 4.0.6 has an issue in the error code path of ...
CVE-2016-9533tif_pixarlog.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities ...
CVE-2016-9532Integer overflow in the writeBufferToSeparateStrips function in ...
CVE-2016-9453The t2p_readwrite_pdf_image_tile function in LibTIFF allows remote ...
CVE-2016-9297The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote ...
CVE-2016-9273tiffsplit in libtiff 4.0.6 allows remote attackers to cause a denial ...
CVE-2016-8331An exploitable remote code execution vulnerability exists in the ...
CVE-2016-6223The TIFFReadRawStrip1 and TIFFReadRawTile1 functions in tif_read.c in ...
CVE-2016-5875tiff: heap-based buffer overflow when using the PixarLog compression format
CVE-2016-5652An exploitable heap-based buffer overflow exists in the handling of ...
CVE-2016-5323The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote ...
CVE-2016-5322The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier ...
CVE-2016-5321The DumpModeDecode function in libtiff 4.0.6 and earlier allows ...
CVE-2016-5320rgb2ycbcr: command excution
CVE-2016-5319Heap-based buffer overflow in tif_packbits.c in libtiff 4.0.6 and ...
CVE-2016-5318Stack-based buffer overflow in the _TIFFVGetField function in libtiff ...
CVE-2016-5317Buffer overflow in the PixarLogDecode function in libtiff.so in the ...
CVE-2016-5316Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c ...
CVE-2016-5315The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier ...
CVE-2016-5314PixarLogDecode() out-of-bound writes
CVE-2016-5102Buffer overflow in the readgifimage function in gif2tiff.c in the ...
CVE-2016-3991Heap-based buffer overflow in the loadImage function in the tiffcrop ...
CVE-2016-3990Heap-based buffer overflow in the horizontalDifference8 function in ...
CVE-2016-3945Multiple integer overflows in the (1) cvt_by_strip and (2) cvt_by_tile ...
CVE-2016-3658The TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in ...
CVE-2016-3634The tagCompare function in tif_dirinfo.c in the thumbnail tool in ...
CVE-2016-3633The setrow function in the thumbnail tool in LibTIFF 4.0.6 and earlier ...
CVE-2016-3632The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and ...
CVE-2016-3631The (1) cpStrips and (2) cpTiles functions in the thumbnail tool in ...
CVE-2016-3625tif_read.c in the tiff2bw tool in LibTIFF 4.0.6 and earlier allows ...
CVE-2016-3624The cvtClump function in the rgb2ycbcr tool in LibTIFF 4.0.6 and ...
CVE-2016-3623The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote ...
CVE-2016-3622The fpAcc function in tif_predict.c in the tiff2rgba tool in LibTIFF ...
CVE-2016-3621The LZWEncode function in tif_lzw.c in the bmp2tiff tool in LibTIFF ...
CVE-2016-3620The ZIPEncode function in tif_zip.c in the bmp2tiff tool in LibTIFF ...
CVE-2016-3619The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff tool in ...
CVE-2016-3186Buffer overflow in the readextension function in gif2tiff.c in LibTIFF ...
CVE-2016-10272LibTIFF 4.0.7 allows remote attackers to cause a denial of service ...
CVE-2016-10271tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cause a ...
CVE-2016-10270LibTIFF 4.0.7 allows remote attackers to cause a denial of service ...
CVE-2016-10269LibTIFF 4.0.7 allows remote attackers to cause a denial of service ...
CVE-2016-10268tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a ...
CVE-2016-10267LibTIFF 4.0.7 allows remote attackers to cause a denial of service ...
CVE-2016-10266LibTIFF 4.0.7 allows remote attackers to cause a denial of service ...
CVE-2016-10095Stack-based buffer overflow in the _TIFFVGetField function in ...
CVE-2016-10094Off-by-one error in the t2p_readwrite_pdf_image_tile function in ...
CVE-2016-10093Integer overflow in tools/tiffcp.c in LibTIFF 4.0.7 allows remote ...
CVE-2016-10092Heap-based buffer overflow in the readContigStripsIntoBuffer function ...
CVE-2015-8870Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows ...
CVE-2015-8784The NeXTDecode function in tif_next.c in LibTIFF allows remote ...
CVE-2015-8783tif_luv.c in libtiff allows attackers to cause a denial of service ...
CVE-2015-8782tif_luv.c in libtiff allows attackers to cause a denial of service ...
CVE-2015-8781tif_luv.c in libtiff allows attackers to cause a denial of service ...
CVE-2015-8683The putcontig8bitCIELab function in tif_getimage.c in LibTIFF 4.0.6 ...
CVE-2015-8668Heap-based buffer overflow in the PackBitsPreEncode function in ...
CVE-2015-8665tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a ...
CVE-2015-7554The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows ...
CVE-2015-7313LibTIFF allows remote attackers to cause a denial of service (memory ...
CVE-2015-1547The NeXTDecode function in tif_next.c in LibTIFF allows remote ...
CVE-2014-9655The (1) putcontig8bitYCbCr21tile function in tif_getimage.c or (2) ...
CVE-2014-9330Integer overflow in tif_packbits.c in bmp2tif in libtiff 4.0.3 allows ...
CVE-2014-8130divide by zero
CVE-2014-8129out-of-bound read and write
CVE-2014-8128out-of-bounds write
CVE-2014-8127LibTIFF 4.0.3 allows remote attackers to cause a denial of service ...
CVE-2013-4244The LZW decompressor in the gif2tiff tool in libtiff 4.0.3 and earlier ...
CVE-2013-4243Heap-based buffer overflow in the readgifimage function in the ...
CVE-2013-4232Use-after-free vulnerability in the t2p_readwrite_pdf_image function ...
CVE-2013-4231Multiple buffer overflows in libtiff before 4.0.3 allow remote ...
CVE-2013-1961Stack-based buffer overflow in the t2p_write_pdf_page function in ...
CVE-2013-1960Heap-based buffer overflow in the t2p_process_jpeg_strip function in ...
CVE-2012-5581Stack-based buffer overflow in tif_dir.c in LibTIFF before 4.0.2 ...
CVE-2012-4564ppm2tiff does not check the return value of the TIFFScanlineSize ...
CVE-2012-4447Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 ...
CVE-2012-3401The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in ...
CVE-2012-2113Multiple integer overflows in tiff2pdf in libtiff before 4.0.2 allow ...
CVE-2012-2088Integer signedness error in the TIFFReadDirectory function in ...
CVE-2012-1173Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow ...
CVE-2011-1167Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in ...
CVE-2011-0192Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other ...
CVE-2011-0191Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used ...
CVE-2010-4665Integer overflow in the ReadDirectory function in tiffdump.c in ...
CVE-2010-3087LibTIFF before 3.9.2-5.2.1 in SUSE openSUSE 11.3 allows remote ...
CVE-2010-2631LibTIFF 3.9.0 ignores tags in certain situations during the first ...
CVE-2010-2630The TIFFReadDirectory function in LibTIFF 3.9.0 does not properly ...
CVE-2010-2598LibTIFF in Red Hat Enterprise Linux (RHEL) 3 on x86_64 platforms, as ...
CVE-2010-2597The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 ...
CVE-2010-2596The OJPEGPostDecode function in tif_ojpeg.c in LibTIFF 3.9.0 and ...
CVE-2010-2595The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ...
CVE-2010-2483The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers ...
CVE-2010-2482LibTIFF 3.9.4 and earlier does not properly handle an invalid ...
CVE-2010-2481The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly ...
CVE-2010-2443The OJPEGReadBufferFill function in tif_ojpeg.c in LibTIFF before ...
CVE-2010-2233tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used ...
CVE-2010-2067Stack-based buffer overflow in the TIFFFetchSubjectDistance function ...
CVE-2010-2065Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 ...
CVE-2010-1411Multiple integer overflows in the Fax3SetupState function in ...
CVE-2009-5022Heap-based buffer overflow in tif_ojpeg.c in the OJPEG decoder in ...
CVE-2009-2347Multiple integer overflows in inter-color spaces conversion tools in ...
CVE-2009-2285Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 ...
CVE-2008-2327Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, ...
CVE-2006-3465Unspecified vulnerability in the custom tag support for the TIFF ...
CVE-2006-3464TIFF library (libtiff) before 3.8.2 allows context-dependent attackers ...
CVE-2006-3463The EstimateStripByteCounts function in TIFF library (libtiff) before ...
CVE-2006-3462Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library ...
CVE-2006-3461Heap-based buffer overflow in the PixarLog decoder in the TIFF library ...
CVE-2006-3460Heap-based buffer overflow in the JPEG decoder in the TIFF library ...
CVE-2006-3459Multiple stack-based buffer overflows in the TIFF library (libtiff) ...
CVE-2006-2656Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 ...
CVE-2006-2193Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff ...
CVE-2006-2120The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers ...
CVE-2006-2026Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows ...
CVE-2006-2025Integer overflow in the TIFFFetchData function in tif_dirread.c for ...
CVE-2006-2024Multiple vulnerabilities in libtiff before 3.8.1 allow ...
CVE-2006-0405The TIFFFetchShortPair function in tif_dirread.c in libtiff 3.8.0 ...
CVE-2005-2452libtiff up to 3.7.0 allows remote attackers to cause a denial of ...
CVE-2005-1544Stack-based buffer overflow in libTIFF before 3.7.2 allows remote ...
CVE-2004-1308Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff ...
CVE-2004-1307Integer overflow in the TIFFFetchStripThing function in tif_dirread.c ...
CVE-2004-1183Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier ...
CVE-2004-0886Multiple integer overflows in libtiff 3.6.1 and earlier allow remote ...
CVE-2004-0804Vulnerability in tif_dirread.c for libtiff allows remote attackers to ...
CVE-2004-0803Multiple vulnerabilities in the RLE (run length encoding) decoders for ...

Security announcements

DSA / DLADescription
DLA-1023-1tiff3 - security update
DLA-983-1tiff3 - security update
DLA-912-1tiff3 - security update
DLA-880-1tiff3 - security update
DLA-610-2tiff3 - regression update
DLA-692-1tiff3 - security update
DLA-610-1tiff3 - security update

Search for package or bug name: Reporting problems