Details
===
Product: libtiff
Affected Versions: <= 4.0.6
Vulnerability Type: Heap Overflow
Security Risk: High
Vendor URL: http://www.libtiff.org/
CVE ID: CVE-2015-8668
Credit: riusksk of Tencent Security Platform Department
Introduction
===
libtiff v4.0.6 bmp2tiff function PackBi
`_TIFFVGetField()' in libtiff-4.0.6 may write field data for certain
extension tags to invalid or possibly arbitrary memory.
Each tag has a `field_passcount' variable in its TIFFField struct:
tiff-4.0.6/libtiff/tif_dir.h #276..289:
,
| struct _TIFFField {
| uint32 field_tag;
[+] Credits: hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/ACCESSDIVER-BUFFER-OVERFLOW.txt
Vendor:
==
M. Jean Fages
www.accessdiver.com
circa 1998-2006
Product:
=
AccessDiver V4.301 build 5888