Su Laus

7 exploits Active since Oct 2022

CVE-2022-3598 WRITEUP MEDIUM WRITEUP

LibTIFF 4.4.0 - DoS

LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b.

CVSS 5.5

View Code

CVE-2022-48281 WRITEUP MEDIUM WRITEUP

Libtiff < 4.5.0 - Out-of-Bounds Write

processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image.

CVSS 5.5

View Code

CVE-2023-0800 WRITEUP MEDIUM WRITEUP

Libtiff < 4.4.0 - Out-of-Bounds Write

LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3502, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.

CVSS 6.8

View Code

CVE-2023-0801 WRITEUP MEDIUM WRITEUP

Libtiff < 4.4.0 - Out-of-Bounds Write

LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.

CVSS 6.8

View Code

CVE-2023-0802 WRITEUP MEDIUM WRITEUP

Libtiff < 4.4.0 - Out-of-Bounds Write

LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3724, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.

CVSS 6.8

View Code

CVE-2023-0803 WRITEUP MEDIUM WRITEUP

Libtiff < 4.4.0 - Out-of-Bounds Write

LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3516, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.

CVSS 6.8

View Code

CVE-2023-0804 WRITEUP MEDIUM WRITEUP

Libtiff < 4.4.0 - Out-of-Bounds Write

LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.

CVSS 6.8

View Code