what you don't know can hurt you
Showing 1 - 5 of 5 RSS Feed

CVE-2010-2483

Status Candidate

Overview

The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a TIFF file with an invalid combination of SamplesPerPixel and Photometric values.

Related Files

Gentoo Linux Security Advisory 201209-02
Posted Sep 24, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201209-2 - Multiple vulnerabilities in libTIFF could result in execution of arbitrary code or Denial of Service. Versions less than 4.0.2-r1 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2009-2347, CVE-2009-5022, CVE-2010-1411, CVE-2010-2065, CVE-2010-2067, CVE-2010-2233, CVE-2010-2443, CVE-2010-2481, CVE-2010-2482, CVE-2010-2483, CVE-2010-2595, CVE-2010-2596, CVE-2010-2597, CVE-2010-2630, CVE-2010-2631, CVE-2010-3087, CVE-2010-4665, CVE-2011-0192, CVE-2011-0192, CVE-2011-1167, CVE-2011-1167, CVE-2012-1173, CVE-2012-2088, CVE-2012-2113, CVE-2012-3401
MD5 | b1e333c1e644cbcc9addafc4e21e030b
Ubuntu Security Notice USN-1085-2
Posted Mar 15, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1085-2 - USN-1085-1 fixed vulnerabilities in the system TIFF library. The upstream fixes were incomplete and created problems for certain CCITTFAX4 files. This update fixes the problem. Multiple vulnerabilities related to tiff have been discovered and addressed. Sauli Pahlman discovered that the TIFF library incorrectly handled invalid td_stripbytecount fields. Sauli Pahlman discovered that the TIFF library incorrectly handled TIFF files with an invalid combination of SamplesPerPixel and Photometric values. Nicolae Ghimbovschi discovered that the TIFF library incorrectly handled invalid ReferenceBlackWhite values. Sauli Pahlman discovered that the TIFF library incorrectly handled certain default fields. It was discovered that the TIFF library incorrectly validated certain data types. It was discovered that the TIFF library incorrectly handled downsampled JPEG data. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-2482, CVE-2010-2483, CVE-2010-2595, CVE-2010-2597, CVE-2010-2598, CVE-2010-2630, CVE-2010-3087, CVE-2011-0191, CVE-2011-0192
MD5 | 2e98b1874b42c3fedf87d853afffcd58
Ubuntu Security Notice USN-1085-1
Posted Mar 7, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1085-1 - Multiple vulnerabilities related to tiff have been discovered and addressed. Sauli Pahlman discovered that the TIFF library incorrectly handled invalid td_stripbytecount fields. Sauli Pahlman discovered that the TIFF library incorrectly handled TIFF files with an invalid combination of SamplesPerPixel and Photometric values. Nicolae Ghimbovschi discovered that the TIFF library incorrectly handled invalid ReferenceBlackWhite values. Sauli Pahlman discovered that the TIFF library incorrectly handled certain default fields. It was discovered that the TIFF library incorrectly validated certain data types. It was discovered that the TIFF library incorrectly handled downsampled JPEG data. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-2482, CVE-2010-2483, CVE-2010-2595, CVE-2010-2597, CVE-2010-2598, CVE-2010-2630, CVE-2010-3087, CVE-2011-0191, CVE-2011-0192
MD5 | 98206d281f78cc5326593ab95451050c
Mandriva Linux Security Advisory 2010-146
Posted Aug 6, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-146 - The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service via a crafted TIFF image that triggers an array index error, related to downsampled OJPEG input. Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3 allow remote attackers to execute arbitrary code or cause a denial of service via a crafted TIFF file that triggers a heap-based buffer overflow. Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow. The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers to cause a denial of service via a TIFF file with an invalid combination of SamplesPerPixel and Photometric values. The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service via a crafted TIFF image, related to downsampled OJPEG input and possibly related to a compiler optimization that triggers a divide-by-zero error. The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF directory entries, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF file. Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a long EXIF SubjectDistance field in a TIFF file. tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not properly perform vertical flips, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF image, related to downsampled OJPEG input. LibTIFF 3.9.4 and earlier does not properly handle an invalid td_stripbytecount field, which allows remote attackers to cause a denial of service via a crafted TIFF file, a different vulnerability than CVE-2010-2443. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2010-2595, CVE-2010-1411, CVE-2010-2065, CVE-2010-2483, CVE-2010-2597, CVE-2010-2481, CVE-2010-2067, CVE-2010-2233, CVE-2010-2482
MD5 | 40631af2a0f8063cb9fc05b84d48cfbb
Mandriva Linux Security Advisory 2010-145
Posted Aug 6, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-145 - The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service via a crafted TIFF image that triggers an array index error, related to downsampled OJPEG input. Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3 allow remote attackers to execute arbitrary code or cause a denial of service via a crafted TIFF file that triggers a heap-based buffer overflow. Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow. The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers to cause a denial of service via a TIFF file with an invalid combination of SamplesPerPixel and Photometric values. The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service via a crafted TIFF image, related to downsampled OJPEG input and possibly related to a compiler optimization that triggers a divide-by-zero error. The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF directory entries, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF file.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2010-2595, CVE-2010-1411, CVE-2010-2065, CVE-2010-2483, CVE-2010-2597, CVE-2010-2481
MD5 | 6553e5bc471d8c962095afd227252de4
Page 1 of 1
Back1Next

File Archive:

November 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    2 Files
  • 2
    Nov 2nd
    9 Files
  • 3
    Nov 3rd
    15 Files
  • 4
    Nov 4th
    90 Files
  • 5
    Nov 5th
    22 Files
  • 6
    Nov 6th
    16 Files
  • 7
    Nov 7th
    1 Files
  • 8
    Nov 8th
    1 Files
  • 9
    Nov 9th
    40 Files
  • 10
    Nov 10th
    27 Files
  • 11
    Nov 11th
    28 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    18 Files
  • 14
    Nov 14th
    2 Files
  • 15
    Nov 15th
    2 Files
  • 16
    Nov 16th
    29 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    15 Files
  • 19
    Nov 19th
    21 Files
  • 20
    Nov 20th
    16 Files
  • 21
    Nov 21st
    1 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    19 Files
  • 24
    Nov 24th
    32 Files
  • 25
    Nov 25th
    7 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close