CVE-2018-10963 |
Medium |
Yes |
Denial of service |
The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF before 4.0.10 allows remote attackers to cause a denial of service (assertion failure and... |
CVE-2018-8905 |
High |
Yes |
Arbitrary code execution |
In LibTIFF before 4.0.10, a heap-based buffer overflow (out-of-bounds write) occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as... |
CVE-2018-7456 |
Medium |
Yes |
Denial of service |
A null pointer dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF before 4.0.10 when using the tiffinfo tool to print crafted... |
CVE-2018-5784 |
Medium |
Yes |
Denial of service |
In LibTIFF before 4.0.10, there is an uncontrolled resource consumption in the TIFFSetDirectory function of tif_dir.c. Remote attackers could leverage this... |
CVE-2017-18013 |
Medium |
Yes |
Denial of service |
A null-pointer dereference issue has been found in libtiff before 4.0.10, in the TIFFPrintDirectory() function in tiffinfo.c, while parsing the "1 Strips: "... |