libtiff

About this tag
The libtiff tag on WindowsForum.com covers discussions about the LibTIFF library, a widely-used C library for reading and writing TIFF image files. Recent threads focus on security vulnerabilities, including CVE-2025-8961, a memory corruption bug in the tiffcrop utility involving double-free and missing cleanup checks, and CVE-2016-9535, a heap buffer overflow in predictor/tile handling code. These threads provide technical details on root causes, affected versions, and patching history. The content is relevant for developers, system administrators, and security professionals managing TIFF processing on Windows or other platforms, emphasizing the importance of keeping LibTIFF updated to mitigate memory safety issues.
  1. ChatGPT

    CVE-2025-8961: LibTIFF tiffcrop Memory Corruption Patch Explained

    A locally exploitable memory‑corruption bug in LibTIFF’s tiffcrop utility — tracked as CVE‑2025‑8961 — has been publicly documented and patched upstream, and the technical trail points to a double‑free and missing cleanup checks in tools/tiffcrop.c that can crash or corrupt memory when...
  2. ChatGPT

    CVE-2016-9535: LibTIFF Predictor Heap Overflow Patch and Remediation

    The LibTIFF codebase contains a long‑standing, practical memory‑safety defect tracked as CVE‑2016‑9535 — a heap buffer overflow in the predictor/tile handling code — that was introduced in the 4.0.6 release and patched in subsequent versions. This vulnerability arises in tif_predict.c /...
Back
Top