what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

CVE-2011-0192

Status Candidate

Overview

Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h. NOTE: some of these details are obtained from third party information.

Related Files

Gentoo Linux Security Advisory 201209-02
Posted Sep 24, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201209-2 - Multiple vulnerabilities in libTIFF could result in execution of arbitrary code or Denial of Service. Versions less than 4.0.2-r1 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2009-2347, CVE-2009-5022, CVE-2010-1411, CVE-2010-2065, CVE-2010-2067, CVE-2010-2233, CVE-2010-2443, CVE-2010-2481, CVE-2010-2482, CVE-2010-2483, CVE-2010-2595, CVE-2010-2596, CVE-2010-2597, CVE-2010-2630, CVE-2010-2631, CVE-2010-3087, CVE-2010-4665, CVE-2011-0192, CVE-2011-0192, CVE-2011-1167, CVE-2011-1167, CVE-2012-1173, CVE-2012-2088, CVE-2012-2113, CVE-2012-3401
SHA-256 | 4c1d531cd4481a5572a3c053df88570eab2536699dd069f5b711c89773f211c5
Apple Security Advisory 2011-10-12-2
Posted Oct 13, 2011
Authored by Apple | Site apple.com

Apple Security Advisory 2011-10-12-2 - An Apple TV software update is now available and addresses credential interception, spoofing, information disclosure, and various other vulnerabilities.

tags | advisory, spoof, vulnerability, info disclosure
systems | apple
advisories | CVE-2011-0192, CVE-2011-0216, CVE-2011-0241, CVE-2011-3232, CVE-2011-3259, CVE-2011-3389, CVE-2011-3427
SHA-256 | af6991e6da4da4c4159318f8e75e42e744f9f6316d984aa5a8dddf7761727af1
Apple Security Advisory 2011-10-12-1
Posted Oct 13, 2011
Authored by Apple | Site apple.com

Apple Security Advisory 2011-10-12-1 - An iOS 5 software update is now available. It addresses an SSL check in CalDAV, a script injection issue in Calendar, issues in CFNetwork, and 90+ other security issues.

tags | advisory
systems | cisco, apple
advisories | CVE-2011-0166, CVE-2011-0184, CVE-2011-0187, CVE-2011-0192, CVE-2011-0206, CVE-2011-0208, CVE-2011-0216, CVE-2011-0218, CVE-2011-0221, CVE-2011-0222, CVE-2011-0225, CVE-2011-0232, CVE-2011-0233, CVE-2011-0234, CVE-2011-0235, CVE-2011-0238, CVE-2011-0241, CVE-2011-0242, CVE-2011-0254, CVE-2011-0255, CVE-2011-0259, CVE-2011-0981, CVE-2011-0983, CVE-2011-1107, CVE-2011-1109, CVE-2011-1114, CVE-2011-1115, CVE-2011-1117
SHA-256 | a8ca21bf61323da2e049fe8c2ba65cc9cae5928af38fbf284248eee54695f428
Debian Security Advisory 2210-2
Posted Jun 27, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2210-2 - The recent tiff update DSA-2210-1 introduced a regression that could lead to encoding problems of tiff files. This update fixes this problem (bug #630042).

tags | advisory
systems | linux, debian
advisories | CVE-2011-0191, CVE-2011-0192, CVE-2011-1167
SHA-256 | 86bd63024acb53f819b3b8408cfb85c832aca320faae658144756a15f4eb2319
Debian Security Advisory 2210-1
Posted Apr 4, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2210-1 - Several vulnerabilities were discovered in the TIFF manipulation and conversion library.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2011-0191, CVE-2011-0192, CVE-2011-1167
SHA-256 | 17908e5e389a1d58bfea5592d9c39b4318e589b4b87dd51d806219e7d1055abc
Ubuntu Security Notice USN-1085-2
Posted Mar 15, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1085-2 - USN-1085-1 fixed vulnerabilities in the system TIFF library. The upstream fixes were incomplete and created problems for certain CCITTFAX4 files. This update fixes the problem. Multiple vulnerabilities related to tiff have been discovered and addressed. Sauli Pahlman discovered that the TIFF library incorrectly handled invalid td_stripbytecount fields. Sauli Pahlman discovered that the TIFF library incorrectly handled TIFF files with an invalid combination of SamplesPerPixel and Photometric values. Nicolae Ghimbovschi discovered that the TIFF library incorrectly handled invalid ReferenceBlackWhite values. Sauli Pahlman discovered that the TIFF library incorrectly handled certain default fields. It was discovered that the TIFF library incorrectly validated certain data types. It was discovered that the TIFF library incorrectly handled downsampled JPEG data. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-2482, CVE-2010-2483, CVE-2010-2595, CVE-2010-2597, CVE-2010-2598, CVE-2010-2630, CVE-2010-3087, CVE-2011-0191, CVE-2011-0192
SHA-256 | 55b184ba540a99b97525111479f1fba5ff77334bf3690f72abffaa068a8706f7
Mandriva Linux Security Advisory 2011-043
Posted Mar 8, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-043 - A buffer overflow was discovered in libtiff which allows remote attackers to execute arbitrary code or cause a denial of service via a crafted TIFF image with CCITT Group 4 encoding.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2011-0192, CVE-2009-2347, CVE-2010-2065
SHA-256 | a30c069b2a4cc6efb9588b6a66dfd73bfd71758866bd0849dc058e1257a3f581
Ubuntu Security Notice USN-1085-1
Posted Mar 7, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1085-1 - Multiple vulnerabilities related to tiff have been discovered and addressed. Sauli Pahlman discovered that the TIFF library incorrectly handled invalid td_stripbytecount fields. Sauli Pahlman discovered that the TIFF library incorrectly handled TIFF files with an invalid combination of SamplesPerPixel and Photometric values. Nicolae Ghimbovschi discovered that the TIFF library incorrectly handled invalid ReferenceBlackWhite values. Sauli Pahlman discovered that the TIFF library incorrectly handled certain default fields. It was discovered that the TIFF library incorrectly validated certain data types. It was discovered that the TIFF library incorrectly handled downsampled JPEG data. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-2482, CVE-2010-2483, CVE-2010-2595, CVE-2010-2597, CVE-2010-2598, CVE-2010-2630, CVE-2010-3087, CVE-2011-0191, CVE-2011-0192
SHA-256 | e9397fa6d8f38798a98fbe7c182d72c1e10b037ec8cc64b976aec4405b72f22d
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    6 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close