Lee Howard

6 exploits Active since Jul 2025
CVE-2025-61144 WRITEUP HIGH WRITEUP
libtiff <4.7.1 - Buffer Overflow
libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.
CVSS 7.3
CVE-2025-61144 WRITEUP HIGH WRITEUP
libtiff <4.7.1 - Buffer Overflow
libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.
CVSS 7.3
CVE-2024-13978 WRITEUP LOW WRITEUP
Libtiff < 4.7.0 - NULL Pointer Dereference
A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected by this vulnerability is the function t2p_read_tiff_init of the file tools/tiff2pdf.c of the component fax2ps. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation appears to be difficult. The patch is named 2ebfffb0e8836bfb1cd7d85c059cd285c59761a4. It is recommended to apply a patch to fix this issue.
CVSS 2.5
CVE-2025-8176 WRITEUP MEDIUM WRITEUP
Libtiff < 4.7.0 - Use After Free
A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function get_histogram of the file tools/tiffmedian.c. The manipulation leads to use after free. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The patch is identified as fe10872e53efba9cc36c66ac4ab3b41a839d5172. It is recommended to apply a patch to fix this issue.
CVSS 5.3
CVE-2025-8177 WRITEUP MEDIUM WRITEUP
Libtiff < 4.7.0 - Memory Corruption
A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The manipulation leads to buffer overflow. An attack has to be approached locally. The patch is named e8c9d6c616b19438695fd829e58ae4fde5bfbc22. It is recommended to apply a patch to fix this issue. This vulnerability only affects products that are no longer supported by the maintainer.
CVSS 5.3
CVE-2025-8851 WRITEUP MEDIUM WRITEUP
Libtiff < 4.5.1 - Memory Corruption
A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffer of the file tools/tiffcrop.c of the component tiffcrop. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The patch is identified as 8a7a48d7a645992ca83062b3a1873c951661e2b3. It is recommended to apply a patch to fix this issue.
CVSS 5.3