This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:libtiff:libtiff:3.4 |
| Detail | |||
|---|---|---|---|
| Vendor | Libtiff | First view | 2004-12-21 |
| Product | Libtiff | Last view | 2018-05-09 |
| Version | 3.4 | Type | Application |
| Edition | |||
| Language | |||
| Update | |||
| CPE Product | cpe:/a:libtiff:libtiff | ||
Activity : Overall
Related : CVE
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 4.3 | 2018-05-09 | CVE-2018-10963 | Network | Medium | None Requ... | |
| 6.8 | 2018-03-11 | CVE-2016-5314 | Network | Medium | None Requ... | |
| 6.8 | 2018-01-13 | CVE-2018-5360 | Network | Medium | None Requ... | |
| 4.3 | 2017-06-26 | CVE-2017-9937 | Network | Medium | None Requ... | |
| 6.8 | 2017-06-26 | CVE-2017-9935 | Network | Medium | None Requ... | |
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 4.3 | 2017-04-11 | CVE-2016-5322 | Network | Medium | None Requ... | |
| 4.3 | 2017-03-07 | CVE-2016-5315 | Network | Medium | None Requ... | |
| 4.3 | 2017-02-06 | CVE-2016-9532 | Network | Medium | None Requ... | |
| 4.3 | 2017-02-06 | CVE-2016-5102 | Network | Medium | None Requ... | |
| 6.4 | 2017-01-23 | CVE-2016-6223 | Network | Low | None Requ... | |
| 5 | 2017-01-20 | CVE-2016-5323 | Network | Low | None Requ... | |
| 4.3 | 2017-01-20 | CVE-2016-5321 | Network | Medium | None Requ... | |
| 4.3 | 2017-01-20 | CVE-2016-5319 | Network | Medium | None Requ... | |
| 4.3 | 2017-01-20 | CVE-2016-5318 | Network | Medium | None Requ... | |
| 4.3 | 2017-01-20 | CVE-2016-5316 | Network | Medium | None Requ... | |
| 5.8 | 2016-12-06 | CVE-2015-8870 | Network | Medium | None Requ... | |
| 5 | 2016-10-03 | CVE-2016-3658 | Network | Low | None Requ... | |
| 5 | 2016-10-03 | CVE-2016-3634 | Network | Low | None Requ... | |
| 5 | 2016-10-03 | CVE-2016-3633 | Network | Low | None Requ... | |
| 5 | 2016-10-03 | CVE-2016-3631 | Network | Low | None Requ... | |
| 4.3 | 2016-10-03 | CVE-2016-3625 | Network | Medium | None Requ... | |
| 5 | 2016-10-03 | CVE-2016-3624 | Network | Low | None Requ... | |
| 5 | 2016-10-03 | CVE-2016-3623 | Network | Low | None Requ... | |
| 6.8 | 2016-10-03 | CVE-2016-3621 | Network | Medium | None Requ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 44% (25) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 21% (12) | CWE-125 | Out-of-bounds Read |
| 10% (6) | CWE-787 | Out-of-bounds Write |
| 10% (6) | CWE-189 | Numeric Errors |
| 5% (3) | CWE-20 | Improper Input Validation |
| % | id | Name |
|---|---|---|
| 3% (2) | CWE-369 | Divide By Zero |
| 3% (2) | CWE-190 | Integer Overflow or Wraparound |
Oval Markup Language : Definitions
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:11497 | Multiple stack-based buffer overflows in the TIFF library (libtiff) before 3.... |
| oval:org.mitre.oval:def:10639 | The EstimateStripByteCounts function in TIFF library (libtiff) before 3.8.2 u... |
| oval:org.mitre.oval:def:21527 | RHSA-2012:1054: libtiff security update (Important) |
| oval:org.mitre.oval:def:17902 | USN-1498-1 -- tiff vulnerabilities |
| oval:org.mitre.oval:def:23926 | ELSA-2012:1054: libtiff security update (Important) |
| id | Name |
|---|---|
| oval:org.mitre.oval:def:22815 | DEPRECATED: ELSA-2012:1054: libtiff security update (Important) |
| oval:org.mitre.oval:def:27857 | DEPRECATED: ELSA-2012-1054 -- libtiff security update (important) |
| oval:org.mitre.oval:def:9067 | Unspecified vulnerability in the custom tag support for the TIFF library (lib... |
| oval:org.mitre.oval:def:9893 | Multiple vulnerabilities in libtiff before 3.8.1 allow context-dependent atta... |
| oval:org.mitre.oval:def:18023 | DSA-2561-1 tiff - buffer overflow |
| oval:org.mitre.oval:def:21952 | RHSA-2011:0452: libtiff security update (Important) |
| oval:org.mitre.oval:def:13752 | USN-1120-1 -- tiff vulnerability |
| oval:org.mitre.oval:def:12818 | DSA-2256-1 tiff -- buffer overflow |
| oval:org.mitre.oval:def:23127 | ELSA-2011:0452: libtiff security update (Important) |
| oval:org.mitre.oval:def:28100 | DEPRECATED: ELSA-2011-0452 -- libtiff security update (important) |
| oval:org.mitre.oval:def:11389 | Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows contex... |
| oval:org.mitre.oval:def:8896 | Multiple vulnerabilities in the RLE (run length encoding) decoders for libtif... |
| oval:org.mitre.oval:def:100114 | libtiff RLE Decoder Buffer Overflow Vulnerabilities |
| oval:org.mitre.oval:def:11175 | Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for lib... |
| oval:org.mitre.oval:def:10916 | TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to pas... |
| oval:org.mitre.oval:def:10593 | Integer overflow in the TIFFFetchData function in tif_dirread.c for libtiff b... |
| oval:org.mitre.oval:def:25031 | DSA-2965-1 tiff - security update |
| oval:org.mitre.oval:def:9392 | Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff 3.5.7 an... |
| oval:org.mitre.oval:def:100117 | libtiff Directory Entry Count Integer Overflow Vulnerability |
| oval:org.mitre.oval:def:21901 | RHSA-2011:0392: libtiff security and bug fix update (Important) |
Open Source Vulnerability Database (OSVDB)
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 72260 | LibTIFF OJPEG Decoder tif_ojpeg.c Crafted TIFF File Handling Overflow |
| 72233 | LibTIFF tiffdump tiffdump.c ReadDirectory Function Overflow DoS |
| 71256 | LibTIFF Thunderscan Decoder Incorrect bitspersample Overflow |
| 66083 | LibTIFF td_stripbytecount Field Handling Weakness Crafted TIFF File DoS |
| 66082 | LibTIFF TIFFExtractData Macro Crafted TIFF File Directory Entry Unknown Tag T... |
| id | Description |
|---|---|
| 65795 | LibTIFF OJPEG File Handling Unspecified DoS |
| 65754 | LibTIFF TIFFroundup Macro TIFF File Handling Overflow |
| 65676 | LibTIFF tif_dirread.c TIFFFetchSubjectDistance Function SubjectDistance Field... |
| 47795 | LibTIFF LZW Decoder libtiff/tif_lzw.c Multiple Function TIFF Decoder Underflow |
| 27729 | LibTIFF Custom Tag Support Unspecified Issue |
| 27728 | LibTIFF Directory Handling Large Offset Unspecified Issue |
| 27727 | LibTIFF EstimateStripByteCounts Function Malformed td_nstrips Value DoS |
| 27726 | LibTIFF NeXT RLE Decoder Image Handling Overflow |
| 27725 | LibTIFF PixarLog Decoder Unspecified Overflow |
| 27724 | LibTIFF JPEG Decoder Encoded JPEG Stream Overflow |
| 27723 | LibTIFF tif_dirread.c TIFFFetchShortPair Function Overflow |
| 26031 | LibTIFF tiff2pdf t2p_write_pdf_string Function Overflow |
| 26030 | LibTIFF tiffsplit Filename Processing Overflow |
| 25020 | LibTIFF Cleanup Functions setfield/getfield Method Arbitrary Code Execution |
| 25019 | LibTIFF tif_dirread.c TIFFFetchData Function Overflow |
| 25018 | LibTIFF TIFFFetchAnyArray() Function DoS |
| 16350 | LibTIFF BitsPerSample Tag Overflow |
| 12724 | LibTIFF tiffdump Utility Overflow |
| 12556 | LibTIFF STRIPOFFSETS Flag TIFFFetchStripThing() Function Overflow |
| 12555 | LibTIFF Directory Entry Count Remote Overflow |
OpenVAS Exploits
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 2013-09-18 | Name : Debian Security Advisory DSA 2589-1 (tiff - buffer overflow) File : nvt/deb_2589_1.nasl |
| 2012-12-31 | Name : Mandriva Update for libtiff MDVSA-2012:184 (libtiff) File : nvt/gb_mandriva_MDVSA_2012_184.nasl |
| 2012-12-31 | Name : Fedora Update for libtiff FEDORA-2012-20404 File : nvt/gb_fedora_2012_20404_libtiff_fc16.nasl |
| 2012-12-31 | Name : Fedora Update for libtiff FEDORA-2012-20446 File : nvt/gb_fedora_2012_20446_libtiff_fc17.nasl |
| 2012-12-26 | Name : RedHat Update for libtiff RHSA-2012:1590-01 File : nvt/gb_RHSA-2012_1590-01_libtiff.nasl |
| id | Description |
|---|---|
| 2012-12-26 | Name : CentOS Update for libtiff CESA-2012:1590 centos5 File : nvt/gb_CESA-2012_1590_libtiff_centos5.nasl |
| 2012-12-26 | Name : CentOS Update for libtiff CESA-2012:1590 centos6 File : nvt/gb_CESA-2012_1590_libtiff_centos6.nasl |
| 2012-12-06 | Name : Ubuntu Update for tiff USN-1655-1 File : nvt/gb_ubuntu_USN_1655_1.nasl |
| 2012-11-23 | Name : Mandriva Update for libtiff MDVSA-2012:174 (libtiff) File : nvt/gb_mandriva_MDVSA_2012_174.nasl |
| 2012-11-19 | Name : Ubuntu Update for tiff USN-1631-1 File : nvt/gb_ubuntu_USN_1631_1.nasl |
| 2012-10-29 | Name : Debian Security Advisory DSA 2561-1 (tiff) File : nvt/deb_2561_1.nasl |
| 2012-10-03 | Name : Debian Security Advisory DSA 2552-1 (tiff) File : nvt/deb_2552_1.nasl |
| 2012-09-26 | Name : Gentoo Security Advisory GLSA 201209-02 (tiff) File : nvt/glsa_201209_02.nasl |
| 2012-08-30 | Name : Fedora Update for libtiff FEDORA-2012-10081 File : nvt/gb_fedora_2012_10081_libtiff_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for libtiff FEDORA-2012-11000 File : nvt/gb_fedora_2012_11000_libtiff_fc17.nasl |
| 2012-08-14 | Name : Fedora Update for libtiff FEDORA-2012-10978 File : nvt/gb_fedora_2012_10978_libtiff_fc16.nasl |
| 2012-08-09 | Name : Mandriva Update for libtiff MDVSA-2012:127 (libtiff) File : nvt/gb_mandriva_MDVSA_2012_127.nasl |
| 2012-07-30 | Name : CentOS Update for libtiff CESA-2012:1054 centos5 File : nvt/gb_CESA-2012_1054_libtiff_centos5.nasl |
| 2012-07-30 | Name : CentOS Update for libtiff CESA-2012:1054 centos6 File : nvt/gb_CESA-2012_1054_libtiff_centos6.nasl |
| 2012-07-30 | Name : CentOS Update for libtiff CESA-2011:0392 centos5 x86_64 File : nvt/gb_CESA-2011_0392_libtiff_centos5_x86_64.nasl |
| 2012-07-23 | Name : Ubuntu Update for tiff USN-1511-1 File : nvt/gb_ubuntu_USN_1511_1.nasl |
| 2012-07-16 | Name : Fedora Update for libtiff FEDORA-2012-10089 File : nvt/gb_fedora_2012_10089_libtiff_fc16.nasl |
| 2012-07-06 | Name : Mandriva Update for libtiff MDVSA-2012:101 (libtiff) File : nvt/gb_mandriva_MDVSA_2012_101.nasl |
| 2012-07-06 | Name : Ubuntu Update for tiff USN-1498-1 File : nvt/gb_ubuntu_USN_1498_1.nasl |
| 2012-07-06 | Name : RedHat Update for libtiff RHSA-2012:1054-01 File : nvt/gb_RHSA-2012_1054-01_libtiff.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2014-B-0024 | Multiple Security Vulnerabilities in Apple iOS Severity : Category I - VMSKEY : V0046157 |
| 2013-A-0048 | Multiple Remote Code Execution Vulnerabilities in BlackBerry Enterprise Server Severity : Category I - VMSKEY : V0036903 |
| 2008-B-0078 | Multiple Vulnerabilities in VMware Severity : Category I - VMSKEY : V0017874 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | Microsoft Office TIFF filter buffer overflow attempt RuleID : 28391 - Type : FILE-OFFICE - Revision : 3 |
| 2014-01-10 | Microsoft Office TIFF filter buffer overflow attempt RuleID : 28390 - Type : FILE-OFFICE - Revision : 3 |
| 2014-01-10 | Adobe Acrobat Reader libtiff TIFFFetchShortPair stack buffer overflow attempt RuleID : 23518 - Type : FILE-PDF - Revision : 5 |
| 2014-01-10 | Adobe Acrobat Reader libtiff TIFFFetchShortPair stack buffer overflow attempt RuleID : 23517 - Type : FILE-PDF - Revision : 5 |
| 2014-01-10 | Public LibTiff Exploit RuleID : 20295 - Type : FILE-IMAGE - Revision : 13 |
| Date | Description |
|---|---|
| 2014-01-10 | Adobe Reader and Acrobat Libtiff TIFFFetchShortPair stack buffer overflow att... RuleID : 20294 - Type : FILE-IMAGE - Revision : 10 |
| 2014-01-10 | Adobe Acrobat Reader libtiff TIFFFetchShortPair stack buffer overflow attempt RuleID : 17215 - Type : FILE-PDF - Revision : 12 |
| 2014-01-10 | Adobe Acrobat Reader libtiff TIFFFetchShortPair stack buffer overflow attempt RuleID : 17214 - Type : FILE-PDF - Revision : 12 |
Nessus® Vulnerability Scanner
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 2019-01-03 | Name : The remote Fedora host is missing a security update. File : fedora_2018-d41d114d3e.nasl - Type : ACT_GATHER_INFO |
| 2018-12-01 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-4349.nasl - Type : ACT_GATHER_INFO |
| 2018-11-13 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2018-316-01.nasl - Type : ACT_GATHER_INFO |
| 2018-08-17 | Name : The remote PhotonOS host is missing multiple security updates. File : PhotonOS_PHSA-2017-2_0-0007.nasl - Type : ACT_GATHER_INFO |
| 2018-07-24 | Name : The remote PhotonOS host is missing multiple security updates. File : PhotonOS_PHSA-2018-2_0-0013.nasl - Type : ACT_GATHER_INFO |
| id | Description |
|---|---|
| 2018-07-24 | Name : The remote PhotonOS host is missing multiple security updates. File : PhotonOS_PHSA-2018-2_0-0016.nasl - Type : ACT_GATHER_INFO |
| 2018-07-24 | Name : The remote PhotonOS host is missing multiple security updates. File : PhotonOS_PHSA-2018-2_0-0060.nasl - Type : ACT_GATHER_INFO |
| 2018-07-03 | Name : The remote Debian host is missing a security update. File : debian_DLA-1411.nasl - Type : ACT_GATHER_INFO |
| 2018-06-28 | Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2018-1165.nasl - Type : ACT_GATHER_INFO |
| 2018-06-07 | Name : The remote Fedora host is missing a security update. File : fedora_2018-44c6f91560.nasl - Type : ACT_GATHER_INFO |
| 2018-02-09 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_b38e8150053511e896ab0800271d4b9c.nasl - Type : ACT_GATHER_INFO |
| 2018-01-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-4100.nasl - Type : ACT_GATHER_INFO |
| 2017-12-21 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL11220361.nasl - Type : ACT_GATHER_INFO |
| 2017-12-13 | Name : The remote Debian host is missing a security update. File : debian_DLA-1206.nasl - Type : ACT_GATHER_INFO |
| 2017-11-21 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2017-324-01.nasl - Type : ACT_GATHER_INFO |
| 2017-08-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-3212-4.nasl - Type : ACT_GATHER_INFO |
| 2017-07-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-3212-3.nasl - Type : ACT_GATHER_INFO |
| 2017-07-13 | Name : The remote Virtuozzo host is missing a security update. File : Virtuozzo_VZLSA-2017-0225.nasl - Type : ACT_GATHER_INFO |
| 2017-05-31 | Name : The remote Debian host is missing a security update. File : debian_DLA-969.nasl - Type : ACT_GATHER_INFO |
| 2017-05-16 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL24923910.nasl - Type : ACT_GATHER_INFO |
| 2017-05-04 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3844.nasl - Type : ACT_GATHER_INFO |
| 2017-05-01 | Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2016-1034.nasl - Type : ACT_GATHER_INFO |
| 2017-05-01 | Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2017-1019.nasl - Type : ACT_GATHER_INFO |
| 2017-05-01 | Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2017-1020.nasl - Type : ACT_GATHER_INFO |
| 2017-05-01 | Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2017-1043.nasl - Type : ACT_GATHER_INFO |
