exploit the possibilities
Showing 1 - 5 of 5 RSS Feed

CVE-2011-0191

Status Candidate

Overview

Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with JPEG encoding.

Related Files

Debian Security Advisory 2210-2
Posted Jun 27, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2210-2 - The recent tiff update DSA-2210-1 introduced a regression that could lead to encoding problems of tiff files. This update fixes this problem (bug #630042).

tags | advisory
systems | linux, debian
advisories | CVE-2011-0191, CVE-2011-0192, CVE-2011-1167
MD5 | 91fac7c32a6471b8dc923f000f635166
Mandriva Linux Security Advisory 2011-064
Posted Apr 4, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-064 - Buffer overflow in LibTIFF allows remote attackers to execute arbitrary code or cause a denial of service via a crafted TIFF image with JPEG encoding. Heap-based buffer overflow in the thunder decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a.tiff file that has an unexpected BitsPerSample value.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2011-0191, CVE-2011-1167
MD5 | 262e17aff4b7fa90887fc32b4cadd46e
Debian Security Advisory 2210-1
Posted Apr 4, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2210-1 - Several vulnerabilities were discovered in the TIFF manipulation and conversion library.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2011-0191, CVE-2011-0192, CVE-2011-1167
MD5 | 1b510f5360da3e485b41ac0df0fc2253
Ubuntu Security Notice USN-1085-2
Posted Mar 15, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1085-2 - USN-1085-1 fixed vulnerabilities in the system TIFF library. The upstream fixes were incomplete and created problems for certain CCITTFAX4 files. This update fixes the problem. Multiple vulnerabilities related to tiff have been discovered and addressed. Sauli Pahlman discovered that the TIFF library incorrectly handled invalid td_stripbytecount fields. Sauli Pahlman discovered that the TIFF library incorrectly handled TIFF files with an invalid combination of SamplesPerPixel and Photometric values. Nicolae Ghimbovschi discovered that the TIFF library incorrectly handled invalid ReferenceBlackWhite values. Sauli Pahlman discovered that the TIFF library incorrectly handled certain default fields. It was discovered that the TIFF library incorrectly validated certain data types. It was discovered that the TIFF library incorrectly handled downsampled JPEG data. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-2482, CVE-2010-2483, CVE-2010-2595, CVE-2010-2597, CVE-2010-2598, CVE-2010-2630, CVE-2010-3087, CVE-2011-0191, CVE-2011-0192
MD5 | 2e98b1874b42c3fedf87d853afffcd58
Ubuntu Security Notice USN-1085-1
Posted Mar 7, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1085-1 - Multiple vulnerabilities related to tiff have been discovered and addressed. Sauli Pahlman discovered that the TIFF library incorrectly handled invalid td_stripbytecount fields. Sauli Pahlman discovered that the TIFF library incorrectly handled TIFF files with an invalid combination of SamplesPerPixel and Photometric values. Nicolae Ghimbovschi discovered that the TIFF library incorrectly handled invalid ReferenceBlackWhite values. Sauli Pahlman discovered that the TIFF library incorrectly handled certain default fields. It was discovered that the TIFF library incorrectly validated certain data types. It was discovered that the TIFF library incorrectly handled downsampled JPEG data. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-2482, CVE-2010-2483, CVE-2010-2595, CVE-2010-2597, CVE-2010-2598, CVE-2010-2630, CVE-2010-3087, CVE-2011-0191, CVE-2011-0192
MD5 | 98206d281f78cc5326593ab95451050c
Page 1 of 1
Back1Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    1 Files
  • 20
    Sep 20th
    1 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    21 Files
  • 23
    Sep 23rd
    8 Files
  • 24
    Sep 24th
    15 Files
  • 25
    Sep 25th
    4 Files
  • 26
    Sep 26th
    1 Files
  • 27
    Sep 27th
    1 Files
  • 28
    Sep 28th
    9 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close