This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:libtiff:libtiff:3.5.7
Detail
VendorLibtiffFirst view 2004-12-21
ProductLibtiffLast view2019-08-14
Version3.5.7TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:libtiff:libtiff

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
4.32019-08-14CVE-2019-14973NetworkMediumNone Requ...
4.32018-05-09CVE-2018-10963NetworkMediumNone Requ...
6.82018-03-11CVE-2016-5314NetworkMediumNone Requ...
6.82018-01-13CVE-2018-5360NetworkMediumNone Requ...
4.32017-06-26CVE-2017-9937NetworkMediumNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
6.82017-06-26CVE-2017-9935NetworkMediumNone Requ...
4.32017-04-11CVE-2016-5322NetworkMediumNone Requ...
4.32017-03-07CVE-2016-5315NetworkMediumNone Requ...
4.32017-02-06CVE-2016-9532NetworkMediumNone Requ...
4.32017-02-06CVE-2016-5102NetworkMediumNone Requ...
6.42017-01-23CVE-2016-6223NetworkLowNone Requ...
52017-01-20CVE-2016-5323NetworkLowNone Requ...
4.32017-01-20CVE-2016-5321NetworkMediumNone Requ...
4.32017-01-20CVE-2016-5319NetworkMediumNone Requ...
4.32017-01-20CVE-2016-5318NetworkMediumNone Requ...
4.32017-01-20CVE-2016-5316NetworkMediumNone Requ...
5.82016-12-06CVE-2015-8870NetworkMediumNone Requ...
52016-10-03CVE-2016-3658NetworkLowNone Requ...
52016-10-03CVE-2016-3634NetworkLowNone Requ...
52016-10-03CVE-2016-3633NetworkLowNone Requ...
52016-10-03CVE-2016-3631NetworkLowNone Requ...
4.32016-10-03CVE-2016-3625NetworkMediumNone Requ...
52016-10-03CVE-2016-3624NetworkLowNone Requ...
52016-10-03CVE-2016-3623NetworkLowNone Requ...

CWE : Common Weakness Enumeration

%idName
42% (24)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
22% (13)CWE-125Out-of-bounds Read
10% (6)CWE-787Out-of-bounds Write
10% (6)CWE-189Numeric Errors
5% (3)CWE-190Integer Overflow or Wraparound
Hide | Show 3 More...
%idName
3% (2)CWE-369Divide By Zero
3% (2)CWE-20Improper Input Validation
1% (1)CWE-617Reachable Assertion

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:11497Multiple stack-based buffer overflows in the TIFF library (libtiff) before 3....
oval:org.mitre.oval:def:10639The EstimateStripByteCounts function in TIFF library (libtiff) before 3.8.2 u...
oval:org.mitre.oval:def:21527RHSA-2012:1054: libtiff security update (Important)
oval:org.mitre.oval:def:17902USN-1498-1 -- tiff vulnerabilities
oval:org.mitre.oval:def:23926ELSA-2012:1054: libtiff security update (Important)
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:22815DEPRECATED: ELSA-2012:1054: libtiff security update (Important)
oval:org.mitre.oval:def:27857DEPRECATED: ELSA-2012-1054 -- libtiff security update (important)
oval:org.mitre.oval:def:9067Unspecified vulnerability in the custom tag support for the TIFF library (lib...
oval:org.mitre.oval:def:9893Multiple vulnerabilities in libtiff before 3.8.1 allow context-dependent atta...
oval:org.mitre.oval:def:18023DSA-2561-1 tiff - buffer overflow
oval:org.mitre.oval:def:21952RHSA-2011:0452: libtiff security update (Important)
oval:org.mitre.oval:def:13752USN-1120-1 -- tiff vulnerability
oval:org.mitre.oval:def:12818DSA-2256-1 tiff -- buffer overflow
oval:org.mitre.oval:def:23127ELSA-2011:0452: libtiff security update (Important)
oval:org.mitre.oval:def:28100DEPRECATED: ELSA-2011-0452 -- libtiff security update (important)
oval:org.mitre.oval:def:11389Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows contex...
oval:org.mitre.oval:def:8896Multiple vulnerabilities in the RLE (run length encoding) decoders for libtif...
oval:org.mitre.oval:def:100114libtiff RLE Decoder Buffer Overflow Vulnerabilities
oval:org.mitre.oval:def:11175Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for lib...
oval:org.mitre.oval:def:10916TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to pas...
oval:org.mitre.oval:def:10593Integer overflow in the TIFFFetchData function in tif_dirread.c for libtiff b...
oval:org.mitre.oval:def:25031DSA-2965-1 tiff - security update
oval:org.mitre.oval:def:9392Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff 3.5.7 an...
oval:org.mitre.oval:def:100117libtiff Directory Entry Count Integer Overflow Vulnerability
oval:org.mitre.oval:def:21901RHSA-2011:0392: libtiff security and bug fix update (Important)

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
72260LibTIFF OJPEG Decoder tif_ojpeg.c Crafted TIFF File Handling Overflow
72233LibTIFF tiffdump tiffdump.c ReadDirectory Function Overflow DoS
71256LibTIFF Thunderscan Decoder Incorrect bitspersample Overflow
66083LibTIFF td_stripbytecount Field Handling Weakness Crafted TIFF File DoS
66082LibTIFF TIFFExtractData Macro Crafted TIFF File Directory Entry Unknown Tag T...
Hide | Show 20 More...
idDescription
65795LibTIFF OJPEG File Handling Unspecified DoS
65754LibTIFF TIFFroundup Macro TIFF File Handling Overflow
65676LibTIFF tif_dirread.c TIFFFetchSubjectDistance Function SubjectDistance Field...
47795LibTIFF LZW Decoder libtiff/tif_lzw.c Multiple Function TIFF Decoder Underflow
27729LibTIFF Custom Tag Support Unspecified Issue
27728LibTIFF Directory Handling Large Offset Unspecified Issue
27727LibTIFF EstimateStripByteCounts Function Malformed td_nstrips Value DoS
27726LibTIFF NeXT RLE Decoder Image Handling Overflow
27725LibTIFF PixarLog Decoder Unspecified Overflow
27724LibTIFF JPEG Decoder Encoded JPEG Stream Overflow
27723LibTIFF tif_dirread.c TIFFFetchShortPair Function Overflow
26031LibTIFF tiff2pdf t2p_write_pdf_string Function Overflow
26030LibTIFF tiffsplit Filename Processing Overflow
25020LibTIFF Cleanup Functions setfield/getfield Method Arbitrary Code Execution
25019LibTIFF tif_dirread.c TIFFFetchData Function Overflow
25018LibTIFF TIFFFetchAnyArray() Function DoS
18856LibTIFF TIFF Image YCbCr subsampling Zero Value DoS
16350LibTIFF BitsPerSample Tag Overflow
12724LibTIFF tiffdump Utility Overflow
12556LibTIFF STRIPOFFSETS Flag TIFFFetchStripThing() Function Overflow

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2013-09-18Name : Debian Security Advisory DSA 2589-1 (tiff - buffer overflow)
File : nvt/deb_2589_1.nasl
2012-12-31Name : Mandriva Update for libtiff MDVSA-2012:184 (libtiff)
File : nvt/gb_mandriva_MDVSA_2012_184.nasl
2012-12-31Name : Fedora Update for libtiff FEDORA-2012-20404
File : nvt/gb_fedora_2012_20404_libtiff_fc16.nasl
2012-12-31Name : Fedora Update for libtiff FEDORA-2012-20446
File : nvt/gb_fedora_2012_20446_libtiff_fc17.nasl
2012-12-26Name : RedHat Update for libtiff RHSA-2012:1590-01
File : nvt/gb_RHSA-2012_1590-01_libtiff.nasl
Hide | Show 20 More...
idDescription
2012-12-26Name : CentOS Update for libtiff CESA-2012:1590 centos5
File : nvt/gb_CESA-2012_1590_libtiff_centos5.nasl
2012-12-26Name : CentOS Update for libtiff CESA-2012:1590 centos6
File : nvt/gb_CESA-2012_1590_libtiff_centos6.nasl
2012-12-06Name : Ubuntu Update for tiff USN-1655-1
File : nvt/gb_ubuntu_USN_1655_1.nasl
2012-11-23Name : Mandriva Update for libtiff MDVSA-2012:174 (libtiff)
File : nvt/gb_mandriva_MDVSA_2012_174.nasl
2012-11-19Name : Ubuntu Update for tiff USN-1631-1
File : nvt/gb_ubuntu_USN_1631_1.nasl
2012-10-29Name : Debian Security Advisory DSA 2561-1 (tiff)
File : nvt/deb_2561_1.nasl
2012-10-03Name : Debian Security Advisory DSA 2552-1 (tiff)
File : nvt/deb_2552_1.nasl
2012-09-26Name : Gentoo Security Advisory GLSA 201209-02 (tiff)
File : nvt/glsa_201209_02.nasl
2012-08-30Name : Fedora Update for libtiff FEDORA-2012-10081
File : nvt/gb_fedora_2012_10081_libtiff_fc17.nasl
2012-08-30Name : Fedora Update for libtiff FEDORA-2012-11000
File : nvt/gb_fedora_2012_11000_libtiff_fc17.nasl
2012-08-14Name : Fedora Update for libtiff FEDORA-2012-10978
File : nvt/gb_fedora_2012_10978_libtiff_fc16.nasl
2012-08-09Name : Mandriva Update for libtiff MDVSA-2012:127 (libtiff)
File : nvt/gb_mandriva_MDVSA_2012_127.nasl
2012-07-30Name : CentOS Update for libtiff CESA-2012:1054 centos5
File : nvt/gb_CESA-2012_1054_libtiff_centos5.nasl
2012-07-30Name : CentOS Update for libtiff CESA-2012:1054 centos6
File : nvt/gb_CESA-2012_1054_libtiff_centos6.nasl
2012-07-30Name : CentOS Update for libtiff CESA-2011:0392 centos5 x86_64
File : nvt/gb_CESA-2011_0392_libtiff_centos5_x86_64.nasl
2012-07-23Name : Ubuntu Update for tiff USN-1511-1
File : nvt/gb_ubuntu_USN_1511_1.nasl
2012-07-16Name : Fedora Update for libtiff FEDORA-2012-10089
File : nvt/gb_fedora_2012_10089_libtiff_fc16.nasl
2012-07-06Name : Mandriva Update for libtiff MDVSA-2012:101 (libtiff)
File : nvt/gb_mandriva_MDVSA_2012_101.nasl
2012-07-06Name : Ubuntu Update for tiff USN-1498-1
File : nvt/gb_ubuntu_USN_1498_1.nasl
2012-07-06Name : RedHat Update for libtiff RHSA-2012:1054-01
File : nvt/gb_RHSA-2012_1054-01_libtiff.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2014-B-0024Multiple Security Vulnerabilities in Apple iOS
Severity : Category I - VMSKEY : V0046157
2013-A-0048Multiple Remote Code Execution Vulnerabilities in BlackBerry Enterprise Server
Severity : Category I - VMSKEY : V0036903
2008-B-0078Multiple Vulnerabilities in VMware
Severity : Category I - VMSKEY : V0017874

Snort® IPS/IDS

DateDescription
2014-01-10Microsoft Office TIFF filter buffer overflow attempt
RuleID : 28391 - Type : FILE-OFFICE - Revision : 3
2014-01-10Microsoft Office TIFF filter buffer overflow attempt
RuleID : 28390 - Type : FILE-OFFICE - Revision : 3
2014-01-10Adobe Acrobat Reader libtiff TIFFFetchShortPair stack buffer overflow attempt
RuleID : 23518 - Type : FILE-PDF - Revision : 5
2014-01-10Adobe Acrobat Reader libtiff TIFFFetchShortPair stack buffer overflow attempt
RuleID : 23517 - Type : FILE-PDF - Revision : 5
2014-01-10Public LibTiff Exploit
RuleID : 20295 - Type : FILE-IMAGE - Revision : 13
Hide | Show 3 More...
DateDescription
2014-01-10Adobe Reader and Acrobat Libtiff TIFFFetchShortPair stack buffer overflow att...
RuleID : 20294 - Type : FILE-IMAGE - Revision : 10
2014-01-10Adobe Acrobat Reader libtiff TIFFFetchShortPair stack buffer overflow attempt
RuleID : 17215 - Type : FILE-PDF - Revision : 12
2014-01-10Adobe Acrobat Reader libtiff TIFFFetchShortPair stack buffer overflow attempt
RuleID : 17214 - Type : FILE-PDF - Revision : 12

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-d41d114d3e.nasl - Type : ACT_GATHER_INFO
2018-12-01Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4349.nasl - Type : ACT_GATHER_INFO
2018-11-13Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2018-316-01.nasl - Type : ACT_GATHER_INFO
2018-08-17Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2017-2_0-0007.nasl - Type : ACT_GATHER_INFO
2018-07-24Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2018-2_0-0013.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2018-07-24Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2018-2_0-0016.nasl - Type : ACT_GATHER_INFO
2018-07-24Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2018-2_0-0060.nasl - Type : ACT_GATHER_INFO
2018-07-03Name : The remote Debian host is missing a security update.
File : debian_DLA-1411.nasl - Type : ACT_GATHER_INFO
2018-06-28Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1165.nasl - Type : ACT_GATHER_INFO
2018-06-07Name : The remote Fedora host is missing a security update.
File : fedora_2018-44c6f91560.nasl - Type : ACT_GATHER_INFO
2018-02-09Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_b38e8150053511e896ab0800271d4b9c.nasl - Type : ACT_GATHER_INFO
2018-01-29Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4100.nasl - Type : ACT_GATHER_INFO
2017-12-21Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL11220361.nasl - Type : ACT_GATHER_INFO
2017-12-13Name : The remote Debian host is missing a security update.
File : debian_DLA-1206.nasl - Type : ACT_GATHER_INFO
2017-11-21Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2017-324-01.nasl - Type : ACT_GATHER_INFO
2017-08-08Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-3212-4.nasl - Type : ACT_GATHER_INFO
2017-07-20Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-3212-3.nasl - Type : ACT_GATHER_INFO
2017-07-13Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZLSA-2017-0225.nasl - Type : ACT_GATHER_INFO
2017-05-31Name : The remote Debian host is missing a security update.
File : debian_DLA-969.nasl - Type : ACT_GATHER_INFO
2017-05-16Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL24923910.nasl - Type : ACT_GATHER_INFO
2017-05-04Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3844.nasl - Type : ACT_GATHER_INFO
2017-05-01Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2016-1034.nasl - Type : ACT_GATHER_INFO
2017-05-01Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2017-1019.nasl - Type : ACT_GATHER_INFO
2017-05-01Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2017-1020.nasl - Type : ACT_GATHER_INFO
2017-05-01Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2017-1043.nasl - Type : ACT_GATHER_INFO