LibTIFF 3.9.4 and earlier does not properly handle an invalid td_stripbytecount field, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted TIFF file, a different vulnerability than CVE-2010-2443.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:M/Au:N/C:N/I:N/A:P
Vendors Products
Libtiff
  • Libtiff

Configuration 1 [-]

OR cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta18:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta24:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta28:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta29:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta31:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta32:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta34:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta35:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta36:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta37:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.1:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.2:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.3:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.4:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.5:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.6:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.6:beta:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.7:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.7:alpha:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.7:alpha2:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.7:alpha3:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.7:alpha4:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.7:beta:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.6.0:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.6.0:beta:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.6.0:beta2:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.6.1:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.7.0:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.7.0:alpha:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.7.0:beta:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.7.0:beta2:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.7.1:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.7.2:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.7.3:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.7.4:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.8.0:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.8.1:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.8.2:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.9.0:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.9.0:beta:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.9.1:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.9.2:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.9.3:*:*:*:*:*:*:*
References
Link Resource
http://bugzilla.maptools.org/show_bug.cgi?id=1996
http://marc.info/?l=oss-security&m=127736307002102&w=2
http://marc.info/?l=oss-security&m=127738540902757&w=2
http://marc.info/?l=oss-security&m=127797353202873&w=2
http://secunia.com/advisories/40422 Vendor Advisory
http://secunia.com/advisories/50726
http://security.gentoo.org/glsa/glsa-201209-02.xml
http://www.debian.org/security/2012/dsa-2552
http://www.openwall.com/lists/oss-security/2010/06/30/22
https://bugs.launchpad.net/bugs/597246
https://bugzilla.redhat.com/show_bug.cgi?id=603024 Exploit
https://bugzilla.redhat.com/show_bug.cgi?id=608010
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2010-07-06T14:00:00

Updated: 2012-10-13T09:00:00

Reserved: 2010-06-28T00:00:00

Link: CVE-2010-2482

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2010-07-06T17:17:13.437

Modified: 2023-02-13T04:21:16.340

Link: CVE-2010-2482

JSON object: View

cve-icon Redhat Information

No data.

CWE