Podatność CVE-2010-2482


Publikacja: 2010-07-06   Modyfikacja: 2012-02-13

Opis:
LibTIFF 3.9.4 and earlier does not properly handle an invalid td_stripbytecount field, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted TIFF file, a different vulnerability than CVE-2010-2443.

W naszej bazie, znaleźliśmy następujące noty dla tego CVE:
Tytuł
Autor
Data
Low
LibTIFF \'td_stripbytecount\' NULL Pointer Dereference Remote Denial of Service
Tomas Hoger
10.08.2010

Producent: Libtiff
Produkt: Libtiff 
Wersje:
3.9.4
3.9.3
3.9.2
3.9.1
3.9.0
3.8.2
3.8.1
3.8.0
3.7.4
3.7.3
3.7.2
3.7.1
3.7.0
3.6.1
3.6.0
3.5.7
3.5.6
3.5.5
3.5.4
3.5.3
3.5.2
3.5.1
3.4

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:N/A:P)

Ogólna skala CVSS
Znaczenie
Łatwość wykorzystania
4.3/10
2.9/10
8.6/10
Wymagany dostęp
Złożoność ataku
Autoryzacja
Zdalny
Średnia
Nie wymagana
Wpływ na poufność
Wpływ na integralność
Wpływ na dostępność
Brak
Brak
Częściowy

 Referencje:
https://bugzilla.redhat.com/show_bug.cgi?id=608010
https://bugzilla.redhat.com/show_bug.cgi?id=603024
https://bugs.launchpad.net/bugs/597246
http://www.openwall.com/lists/oss-security/2010/06/30/22
http://www.debian.org/security/2012/dsa-2552
http://security.gentoo.org/glsa/glsa-201209-02.xml
http://secunia.com/advisories/50726
http://secunia.com/advisories/40422
http://marc.info/?l=oss-security&m=127797353202873&w=2
http://marc.info/?l=oss-security&m=127738540902757&w=2
http://marc.info/?l=oss-security&m=127736307002102&w=2
http://bugzilla.maptools.org/show_bug.cgi?id=1996

Podobne CVE
CVE-2017-16232
** DISPUTED ** LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to reproduce the ...
CVE-2019-7663
An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote attackers could leverage this vulnerability to cau...
CVE-2019-6128
The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb.
CVE-2018-19210
In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service attack, as demonstrated by tiffset.
CVE-2018-18661
An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tif_lzw.c.
CVE-2018-18557
LibTIFF 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size, which leads to a tif_jbig.c JBIGDecode out-of-bounds write.
CVE-2018-17795
The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CV...
CVE-2018-17101
An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.

Copyright 2019, cxsecurity.com

 

Back to Top