VRDA Feed : Provides information for vulnerability impact analysis

VRDA Feed by

Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis

[ about VRDA Feed | JPCERT/CC ]

Vulnerability Analysis Result (Revision No : 1)

[ Download XML ]

CVE-2010-2482

libtiff: LibTIFF 3.9.4 and earlier does not properly handle ...

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2482

Original

LibTIFF 3.9.4 and earlier does not properly handle an invalid td_stripbytecount field, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted TIFF file, a different vulnerability than CVE-2010-2443.

Translation (Show)

About This Analysis Information

Analysis Information Provider:

NIST NVD

First Published:

2010-07-06

Source Information Category:

Advisory, Alert

Last Updated:

2010-07-07

Affected Product Tags

cpe:/a:libtiff:libtiff:3.4

cpe:/a:libtiff:libtiff:3.4:beta18

cpe:/a:libtiff:libtiff:3.4:beta24

cpe:/a:libtiff:libtiff:3.4:beta28

cpe:/a:libtiff:libtiff:3.4:beta29

cpe:/a:libtiff:libtiff:3.4:beta31

cpe:/a:libtiff:libtiff:3.4:beta32

cpe:/a:libtiff:libtiff:3.4:beta34

cpe:/a:libtiff:libtiff:3.4:beta35

cpe:/a:libtiff:libtiff:3.4:beta36

cpe:/a:libtiff:libtiff:3.4:beta37

cpe:/a:libtiff:libtiff:3.5.1

cpe:/a:libtiff:libtiff:3.5.2

cpe:/a:libtiff:libtiff:3.5.3

cpe:/a:libtiff:libtiff:3.5.4

cpe:/a:libtiff:libtiff:3.5.5

cpe:/a:libtiff:libtiff:3.5.6

cpe:/a:libtiff:libtiff:3.5.6:beta

cpe:/a:libtiff:libtiff:3.5.7

cpe:/a:libtiff:libtiff:3.5.7:alpha

cpe:/a:libtiff:libtiff:3.5.7:alpha2

cpe:/a:libtiff:libtiff:3.5.7:alpha3

cpe:/a:libtiff:libtiff:3.5.7:alpha4

cpe:/a:libtiff:libtiff:3.5.7:beta

cpe:/a:libtiff:libtiff:3.6.0

cpe:/a:libtiff:libtiff:3.6.0:beta

cpe:/a:libtiff:libtiff:3.6.0:beta2

cpe:/a:libtiff:libtiff:3.6.1

cpe:/a:libtiff:libtiff:3.7.0

cpe:/a:libtiff:libtiff:3.7.0:alpha

cpe:/a:libtiff:libtiff:3.7.0:beta

cpe:/a:libtiff:libtiff:3.7.0:beta2

cpe:/a:libtiff:libtiff:3.7.1

cpe:/a:libtiff:libtiff:3.7.2

cpe:/a:libtiff:libtiff:3.7.3

cpe:/a:libtiff:libtiff:3.7.4

cpe:/a:libtiff:libtiff:3.8.0

cpe:/a:libtiff:libtiff:3.8.1

cpe:/a:libtiff:libtiff:3.8.2

cpe:/a:libtiff:libtiff:3.9

cpe:/a:libtiff:libtiff:3.9.0

cpe:/a:libtiff:libtiff:3.9.0:beta

cpe:/a:libtiff:libtiff:3.9.1

cpe:/a:libtiff:libtiff:3.9.2

cpe:/a:libtiff:libtiff:3.9.3

cpe:/a:libtiff:libtiff:3.9.4 and previous versions

Vulnerability Analysis Results

[Access Vector] ^[?]

Undefined^[?]

Local^[?]

Adjacent Network^[?]

Network^[?]

[Access Complexit] ^[?]

Undefined^[?]

High^[?]

Medium^[?]

Low^[?]

[Authentication] ^[?]

Undefined^[?]

Multiple^[?]

Single^[?]

None^[?]

[Confidentiality Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

[Integrity Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

[Availability Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

Alternatives

References

CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=608010

CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=603024

CONFIRM https://bugs.launchpad.net/bugs/597246

CONFIRM http://bugzilla.maptools.org/show_bug.cgi?id=1996

MLIST [oss-security] 20100630 Re: CVE requests: LibTIFF

MLIST [oss-security] 20100701 Re: CVE requests: LibTIFF

MLIST [oss-security] 20100624 Re: CVE requests: LibTIFF

SECUNIA 40422

Vulnerability Type Other (NVD-CWE-Other)