Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DLA-221-1
HistoryMay 16, 2015 - 12:00 a.m.

tiff - security update

2015-05-1600:00:00
Google
osv.dev
14

0.057 Low

EPSS

Percentile

93.4%

JSON

Several vulnerabilities have been discovered in the LibTIFF library
and utilities for the Tag Image File Format. These could lead to a
denial of service, information disclosure or privilege escalation.

  • CVE-2014-8128
    William Robinet discovered that out-of-bounds writes are triggered
    in several of the LibTIFF utilities when processing crafted TIFF
    files. Other applications using LibTIFF are also likely to be
    affected in the same way.
  • CVE-2014-8129
    William Robinet discovered that out-of-bounds reads and writes are
    triggered in tiff2pdf when processing crafted TIFF files. Other
    applications using LibTIFF are also likely to be affected in the same
    way.
  • CVE-2014-9330
    Paris Zoumpouloglou discovered that out-of-bounds reads and writes are
    triggered in bmp2tiff when processing crafted BMP files.
  • CVE-2014-9655
    Michal Zalewski discovered that out-of-bounds reads and writes are
    triggered in LibTIFF when processing crafted TIFF files.

For the oldoldstable distribution (squeeze), these problems have been
fixed in version 3.9.4-5+squeeze12.

For the oldstable distribution (wheezy), these problems will be fixed
soon.

The stable distribution (jessie) was not affected by these problems as
they were fixed before release.

Related

openvas 31
debian 4
osv 2
nessus 41
securityvulns 7
ubuntu 2
mageia 3
fedora 4
ubuntucve 6
amazon 3
prion 5
cvelist 5
cve 5
nvd 5
veracode 4
debiancve 5
f5 3
ibm 3
oraclelinux 2
redhat 2
centos 2
slackware 1
altlinux 1
suse 2
gentoo 1
openvas
openvas
Debian: Security Advisory (DLA-221-1)
2023-03-08 00:00:00
Debian: Security Advisory (DSA-3273-1)
2015-05-24 00:00:00
Debian Security Advisory DSA 3273-1 (tiff - security update)
2015-05-25 00:00:00
debian
debian
[SECURITY] [DLA 221-1] tiff security update
2015-05-16 01:31:54
[SECURITY] [DSA 3273-1] tiff security update
2015-05-25 20:54:54
[SECURITY] [DLA 610-1] tiff3 security update
2016-09-04 22:04:45
osv
osv
tiff - security update
2015-05-25 00:00:00
tiff - security update
2016-11-02 00:00:00
nessus
nessus
Debian DLA-221-1 : tiff security update
2015-05-18 00:00:00
Debian DSA-3273-1 : tiff - security update
2015-05-27 00:00:00
Ubuntu 14.04 LTS : LibTIFF regression (USN-2553-2)
2015-04-02 00:00:00
securityvulns
securityvulns
[USN-2553-1] LibTIFF vulnerabilities
2015-04-09 00:00:00
LibTIFF multiple security vulnerabilities
2015-04-13 00:00:00
[ MDVSA-2015:147-1 ] libtiff
2015-04-13 00:00:00
ubuntu
ubuntu
LibTIFF regression
2015-04-01 00:00:00
LibTIFF vulnerabilities
2015-03-31 00:00:00
mageia
mageia
Updated libtiff packages fix security vulnerabilities
2015-03-23 00:42:09
Updated libtiff package fixes security vulnerabilities
2016-01-14 04:44:39
Updated libtiff packages fix security vulnerability
2017-07-01 10:04:05
fedora
fedora
[SECURITY] Fedora 21 Update: libtiff-4.0.3-20.fc21
2015-05-30 15:55:39
[SECURITY] Fedora 22 Update: libtiff-4.0.3-20.fc22
2015-06-02 15:14:07
[SECURITY] Fedora 21 Update: mingw-libtiff-4.0.3-6.fc21
2015-05-04 15:24:27
ubuntucve
ubuntucve
CVE-2015-1547
2016-04-13 00:00:00
CVE-2014-9655
2015-02-07 00:00:00
CVE-2014-8129
2014-12-31 00:00:00
amazon
amazon
Medium: libtiff
2015-06-22 15:07:00
Important: libtiff
2016-08-17 13:30:00
Important: compat-libtiff3
2016-08-17 13:30:00
prion
prion
Code injection
2016-04-13 17:59:00
Out-of-bounds
2018-03-12 02:29:00
Integer overflow
2015-01-20 15:59:00
cvelist
cvelist
CVE-2014-9655
2016-04-13 17:00:00
CVE-2014-8129
2018-03-12 02:00:00
CVE-2014-9330
2015-01-20 15:00:00
cve
cve
CVE-2014-8129
2018-03-12 02:29:00
CVE-2014-9655
2016-04-13 17:59:00
CVE-2014-9330
2015-01-20 15:59:04
nvd
nvd
CVE-2014-8129
2018-03-12 02:29:00
CVE-2014-9330
2015-01-20 15:59:04
CVE-2014-9655
2016-04-13 17:59:00
veracode
veracode
Integer Overflow
2019-05-02 05:45:56
Denial Of Service (DoS)
2018-05-17 10:15:38
Denial Of Service (DoS)
2019-05-02 05:45:56
debiancve
debiancve
CVE-2014-8129
2018-03-12 02:29:00
CVE-2014-9655
2016-04-13 17:59:00
CVE-2014-8128
2020-02-12 03:15:10
f5
f5
K11220361 : LibTIFF vulnerability CVE-2015-1547
2017-09-13 00:00:00
K35155453 : Multiple LibTIFF vulnerabilities
2016-11-08 00:00:00
SOL35155453 - Multiple LibTIFF vulnerabilities
2016-11-08 00:00:00
ibm
ibm
Security Bulletin: Libtiff vulnerabilities affect IBM SmartClound Entry
2020-07-19 00:49:12
Security Bulletin: Multiple vulnerabilities in libtiff affect PowerKVM
2018-06-18 01:33:05
Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in libTIFF
2023-12-07 22:45:03
oraclelinux
oraclelinux
libtiff security update
2016-08-02 00:00:00
libtiff security update
2016-08-02 00:00:00
redhat
redhat
(RHSA-2016:1546) Important: libtiff security update
2016-08-02 14:26:49
(RHSA-2016:1547) Important: libtiff security update
2016-08-02 14:27:54
centos
centos
libtiff security update
2016-08-02 21:57:58
libtiff security update
2016-08-02 15:06:00
slackware
slackware
[slackware-security] libtiff
2017-11-21 06:05:39
altlinux
altlinux
Security fix for the ALT Linux 10 package libtiff version 4.0.10.0.57.f9fc01c3-alt1
2019-04-09 00:00:00
suse
suse
Security update for tiff (important)
2018-01-15 15:15:26
Security update for tiff (important)
2018-01-12 15:08:49
gentoo
gentoo
libTIFF: Multiple vulnerabilities
2017-01-09 00:00:00

0.057 Low

EPSS

Percentile

93.4%

JSON
Related for OSV:DLA-221-1
openvas31debian4osv2nessus41securityvulns7ubuntu2mageia3fedora4ubuntucve6amazon3prion5cvelist5cve5nvd5veracode4debiancve5f53ibm3oraclelinux2redhat2centos2slackware1altlinux1suse2gentoo1