Total vulnerabilities in the database
Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff 3.5.7 and 3.7.0 allows remote attackers to execute arbitrary code via a TIFF file containing a TIFF_ASCII or TIFF_UNDEFINED directory entry with a -1 entry count, which leads to a heap-based buffer overflow.
| Software | From | Fixed in |
|---|---|---|
| libtiff / libtiff | 3.6.1 | 3.6.1.x |
| libtiff / libtiff | 3.4 | 3.4.x |
| libtiff / libtiff | 3.5.7 | 3.5.7.x |
| libtiff / libtiff | 3.7.0 | 3.7.0.x |
| libtiff / libtiff | 3.6.0 | 3.6.0.x |
| libtiff / libtiff | 3.5.3 | 3.5.3.x |
| libtiff / libtiff | 3.5.4 | 3.5.4.x |
| libtiff / libtiff | 3.5.2 | 3.5.2.x |
| libtiff / libtiff | 3.5.5 | 3.5.5.x |
| libtiff / libtiff | 3.5.1 | 3.5.1.x |