ID CVE-2010-1411
Summary Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3, as used in ImageIO in Apple Mac OS X 10.5.8 and Mac OS X 10.6 before 10.6.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file that triggers a heap-based buffer overflow.
References
Vulnerable Configurations
  • Apple Mac OS X 10.5.8
    cpe:2.3:o:apple:mac_os_x:10.5.8
  • Apple Mac OS X 10.6.0
    cpe:2.3:o:apple:mac_os_x:10.6.0
  • Apple Mac OS X 10.6.1
    cpe:2.3:o:apple:mac_os_x:10.6.1
  • Apple Mac OS X 10.6.2
    cpe:2.3:o:apple:mac_os_x:10.6.2
  • Apple Mac OS X 10.6.3
    cpe:2.3:o:apple:mac_os_x:10.6.3
  • Apple Mac OS X Server 10.5.8
    cpe:2.3:o:apple:mac_os_x_server:10.5.8
  • Apple Mac OS X Server 10.6.0
    cpe:2.3:o:apple:mac_os_x_server:10.6.0
  • Apple Mac OS X Server 10.6.1
    cpe:2.3:o:apple:mac_os_x_server:10.6.1
  • Apple Mac OS X Server 10.6.2
    cpe:2.3:o:apple:mac_os_x_server:10.6.2
  • Apple Mac OS X Server 10.6.3
    cpe:2.3:o:apple:mac_os_x_server:10.6.3
CVSS
Base: 6.8 (as of 18-06-2010 - 07:31)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2010-004.NASL
    description The remote host is running a version of Mac OS X 10.5 that does not have Security Update 2010-004 applied. This security update contains fixes for the following components : - CUPS - DesktopServices - Flash Player plug-in - Folder Manager - iChat - ImageIO - Kerberos - Kernel - libcurl - Network Authorization - Ruby - SMB File Server - SquirrelMail - Wiki Server
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 47024
    published 2010-06-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47024
    title Mac OS X Multiple Vulnerabilities (Security Update 2010-004)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2010-0519.NASL
    description Updated libtiff packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Multiple integer overflow flaws, leading to a buffer overflow, were discovered in libtiff. An attacker could use these flaws to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code. (CVE-2010-1411) Multiple input validation flaws were discovered in libtiff. An attacker could use these flaws to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash. (CVE-2010-2481, CVE-2010-2483, CVE-2010-2595, CVE-2010-2597) Red Hat would like to thank Apple Product Security for responsibly reporting the CVE-2010-1411 flaw, who credit Kevin Finisterre of digitalmunition.com for the discovery of the issue. All libtiff users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. All running applications linked against libtiff must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 47738
    published 2010-07-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47738
    title CentOS 4 / 5 : libtiff (CESA-2010:0519)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-954-1.NASL
    description Kevin Finisterre discovered that the TIFF library did not correctly handle certain image structures. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could execute arbitrary code with user privileges, or crash the application, leading to a denial of service. (CVE-2010-1411) Dan Rosenberg and Sauli Pahlman discovered multiple flaws in the TIFF library. If a user or automated system were into opening a specially crafted TIFF image, a remote attacker could execute arbitrary code with user privileges, or crash the application, leading to a denial of service. (Only Ubuntu 10.04 LTS was affected.) (CVE-2010-2065, CVE-2010-2067). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 47110
    published 2010-06-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47110
    title Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : tiff vulnerabilities (USN-954-1)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_10_6_4.NASL
    description The remote host is running a version of Mac OS X 10.6.x that is prior to 10.6.4. Mac OS X 10.6.4 contains security fixes for the following components : - CUPS - DesktopServices - Flash Player plug-in - Folder Manager - Help Viewer - iChat - ImageIO - Kerberos - Kernel - libcurl - Network Authorization - Open Directory - Printer Setup - Printing - Ruby - SMB File Server - SquirrelMail - Wiki Server
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 47023
    published 2010-06-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47023
    title Mac OS X 10.6.x < 10.6.4 Multiple Vulnerabilities
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2010-146.NASL
    description Multiple vulnerabilities has been discovered and corrected in libtiff : The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers an array index error, related to downsampled OJPEG input. (CVE-2010-2595) Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file that triggers a heap-based buffer overflow (CVE-2010-1411). Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow (CVE-2010-2065). The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a TIFF file with an invalid combination of SamplesPerPixel and Photometric values (CVE-2010-2483). The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image, related to downsampled OJPEG input and possibly related to a compiler optimization that triggers a divide-by-zero error (CVE-2010-2597). The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF directory entries, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF file (CVE-2010-248). Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long EXIF SubjectDistance field in a TIFF file (CVE-2010-2067). tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not properly perform vertical flips, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF image, related to downsampled OJPEG input. (CVE-2010-2233). LibTIFF 3.9.4 and earlier does not properly handle an invalid td_stripbytecount field, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted TIFF file, a different vulnerability than CVE-2010-2443 (CVE-2010-2482). The updated packages have been patched to correct these issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 48272
    published 2010-08-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=48272
    title Mandriva Linux Security Advisory : libtiff (MDVSA-2010:146)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201209-02.NASL
    description The remote host is affected by the vulnerability described in GLSA-201209-02 (libTIFF: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in libTIFF. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a specially crafted TIFF file with an application making use of libTIFF, possibly resulting in execution of arbitrary code with the privileges of the user running the application or a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 62235
    published 2012-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62235
    title GLSA-201209-02 : libTIFF: Multiple vulnerabilities
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2010-180-02.NASL
    description New libtiff packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues.
    last seen 2019-02-21
    modified 2013-06-01
    plugin id 47563
    published 2010-07-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47563
    title Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 9.0 / 9.1 / current : libtiff (SSA:2010-180-02)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2010-0519.NASL
    description Updated libtiff packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Multiple integer overflow flaws, leading to a buffer overflow, were discovered in libtiff. An attacker could use these flaws to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code. (CVE-2010-1411) Multiple input validation flaws were discovered in libtiff. An attacker could use these flaws to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash. (CVE-2010-2481, CVE-2010-2483, CVE-2010-2595, CVE-2010-2597) Red Hat would like to thank Apple Product Security for responsibly reporting the CVE-2010-1411 flaw, who credit Kevin Finisterre of digitalmunition.com for the discovery of the issue. All libtiff users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. All running applications linked against libtiff must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 47872
    published 2010-07-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47872
    title RHEL 4 / 5 : libtiff (RHSA-2010:0519)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_LIBTIFF-7052.NASL
    description This update of libtiff fixes several integer overflows that could lead to a corrupted heap memory. This bug can be exploited remotely with a crafted TIFF file to cause an application crash or probably to execute arbitrary code. (CVE-2010-1411)
    last seen 2019-02-21
    modified 2012-05-17
    plugin id 49883
    published 2010-10-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=49883
    title SuSE 10 Security Update : libtiff (ZYPP Patch Number 7052)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-10359.NASL
    description Fix numerous crashing bugs, including CVE-2010-1411 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 47224
    published 2010-07-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47224
    title Fedora 11 : libtiff-3.8.2-15.fc11 (2010-10359)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2010-0519.NASL
    description From Red Hat Security Advisory 2010:0519 : Updated libtiff packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Multiple integer overflow flaws, leading to a buffer overflow, were discovered in libtiff. An attacker could use these flaws to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code. (CVE-2010-1411) Multiple input validation flaws were discovered in libtiff. An attacker could use these flaws to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash. (CVE-2010-2481, CVE-2010-2483, CVE-2010-2595, CVE-2010-2597) Red Hat would like to thank Apple Product Security for responsibly reporting the CVE-2010-1411 flaw, who credit Kevin Finisterre of digitalmunition.com for the discovery of the issue. All libtiff users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. All running applications linked against libtiff must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2015-12-01
    plugin id 68059
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68059
    title Oracle Linux 4 / 5 : libtiff (ELSA-2010-0519)
  • NASL family Windows
    NASL id ITUNES_9_2.NASL
    description The version of Apple iTunes installed on the remote Windows host is older than 9.2. As such, it may be affected by multiple vulnerabilities : - A heap-based buffer overflow in the handling of images with an embedded ColorSync profile may lead to an application crash or arbitrary code execution. (CVE-2009-1726) - Multiple integer overflows in ImageIO's handling of TIFF files may lead to an application crash or arbitrary code execution. (CVE-2010-1411) - Multiple vulnerabilities WebKit may have a variety of effects, including arbitrary code execution. (CVE-2010-0544, CVE-2010-1119, CVE-2010-1387, CVE-2010-1390, CVE-2010-1392, CVE-2010-1393, CVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398, CVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402, CVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410, CVE-2010-1412, CVE-2010-1414, CVE-2010-1415, CVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1419, CVE-2010-1421, CVE-2010-1422, CVE-2010-1749, CVE-2010-1758, CVE-2010-1759, CVE-2010-1761, CVE-2010-1763, CVE-2010-1769, CVE-2010-1770, CVE-2010-1771, CVE-2010-1774)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 47037
    published 2010-06-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47037
    title Apple iTunes < 9.2 Multiple Vulnerabilities (credentialed check)
  • NASL family Peer-To-Peer File Sharing
    NASL id ITUNES_9_2_BANNER.NASL
    description The version of Apple iTunes on the remote host is prior to version 9.2. It is, therefore, affected by multiple vulnerabilities : - A heap-based buffer overflow vulnerability exists in the handling of images with an embedded ColorSync profile. By using a specially crafted image, a remote attacker can exploit this to cause a denial of service or execute arbitrary code. (CVE-2009-1726) - Multiple integer overflow vulnerabilities exist in ImageIO's handling of TIFF files. By using a specially crafted TIFF file, a remote attacker can exploit these to cause a denial of service or execute arbitrary code. (CVE-2010-1411) - The WebKit component contains multiple vulnerabilities that can be exploited, including the execution of arbitrary code. (CVE-2010-0544, CVE-2010-1119, CVE-2010-1387, CVE-2010-1390, CVE-2010-1392, CVE-2010-1393, CVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398, CVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402, CVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410, CVE-2010-1412, CVE-2010-1414, CVE-2010-1415, CVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1419, CVE-2010-1421, CVE-2010-1422, CVE-2010-1749, CVE-2010-1758, CVE-2010-1759, CVE-2010-1761, CVE-2010-1763, CVE-2010-1769, CVE-2010-1770, CVE-2010-1771, CVE-2010-1774)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 47038
    published 2010-06-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47038
    title Apple iTunes < 9.2 Multiple Vulnerabilities (uncredentialed check)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2010-145.NASL
    description Multiple vulnerabilities has been discovered and corrected in libtiff : The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers an array index error, related to downsampled OJPEG input. (CVE-2010-2595) Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file that triggers a heap-based buffer overflow (CVE-2010-1411). Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow (CVE-2010-2065). The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a TIFF file with an invalid combination of SamplesPerPixel and Photometric values (CVE-2010-2483). The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image, related to downsampled OJPEG input and possibly related to a compiler optimization that triggers a divide-by-zero error (CVE-2010-2597). The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF directory entries, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF file (CVE-2010-248). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=4 90 The updated packages have been patched to correct these issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 48271
    published 2010-08-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=48271
    title Mandriva Linux Security Advisory : libtiff (MDVSA-2010:145)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2010-0520.NASL
    description From Red Hat Security Advisory 2010:0520 : Updated libtiff packages that fix two security issues are now available for Red Hat Enterprise Linux 3. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Multiple integer overflow flaws, leading to a buffer overflow, were discovered in libtiff. An attacker could use these flaws to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code. (CVE-2010-1411) An input validation flaw was discovered in libtiff. An attacker could use this flaw to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash. (CVE-2010-2598) Red Hat would like to thank Apple Product Security for responsibly reporting the CVE-2010-1411 flaw, who credit Kevin Finisterre of digitalmunition.com for the discovery of the issue. All libtiff users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. All running applications linked against libtiff must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2015-12-01
    plugin id 68060
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68060
    title Oracle Linux 3 : libtiff (ELSA-2010-0520)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2010-0520.NASL
    description Updated libtiff packages that fix two security issues are now available for Red Hat Enterprise Linux 3. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Multiple integer overflow flaws, leading to a buffer overflow, were discovered in libtiff. An attacker could use these flaws to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code. (CVE-2010-1411) An input validation flaw was discovered in libtiff. An attacker could use this flaw to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash. (CVE-2010-2598) Red Hat would like to thank Apple Product Security for responsibly reporting the CVE-2010-1411 flaw, who credit Kevin Finisterre of digitalmunition.com for the discovery of the issue. All libtiff users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. All running applications linked against libtiff must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 48341
    published 2010-08-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=48341
    title CentOS 3 : libtiff (CESA-2010:0520)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2010-0520.NASL
    description Updated libtiff packages that fix two security issues are now available for Red Hat Enterprise Linux 3. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Multiple integer overflow flaws, leading to a buffer overflow, were discovered in libtiff. An attacker could use these flaws to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code. (CVE-2010-1411) An input validation flaw was discovered in libtiff. An attacker could use this flaw to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash. (CVE-2010-2598) Red Hat would like to thank Apple Product Security for responsibly reporting the CVE-2010-1411 flaw, who credit Kevin Finisterre of digitalmunition.com for the discovery of the issue. All libtiff users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. All running applications linked against libtiff must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 47873
    published 2010-07-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47873
    title RHEL 3 : libtiff (RHSA-2010:0520)
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_12618.NASL
    description This update of libtiff fixes several integer overflows that could lead to a corrupted heap memory. This bug can be exploited remotely with a crafted TIFF file to cause an application crash or probably to execute arbitrary code. (CVE-2010-1411)
    last seen 2019-02-21
    modified 2012-04-23
    plugin id 47018
    published 2010-06-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47018
    title SuSE9 Security Update : libtiff, (YOU Patch Number 12618)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-10469.NASL
    description Update to version 3.9.4 which fixes several bugs and some CVE's. See http://www.remotesensing.org/libtiff/v3.9.4.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 47608
    published 2010-07-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47608
    title Fedora 12 : mingw32-libtiff-3.9.4-1.fc12 (2010-10469)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_LIBTIFF-DEVEL-100525.NASL
    description This update of libtiff fixes several integer overflows that could lead to a corrupted heap memory. This bug can be exploited remotely with a crafted TIFF file to cause an application crash or probably to execute arbitrary code. (CVE-2010-1411)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 47019
    published 2010-06-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47019
    title openSUSE Security Update : libtiff-devel (openSUSE-SU-2010:0324-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-10334.NASL
    description Fix numerous crashing bugs, including CVE-2010-1411, CVE-2010-2065, CVE-2010-2067, and CVE-2010-2233 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 47585
    published 2010-07-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47585
    title Fedora 13 : libtiff-3.9.4-1.fc13 (2010-10334)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20100708_LIBTIFF_ON_SL3_X.NASL
    description Multiple integer overflow flaws, leading to a buffer overflow, were discovered in libtiff. An attacker could use these flaws to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code. (CVE-2010-1411) Multiple input validation flaws were discovered in libtiff. An attacker could use these flaws to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash. (CVE-2010-2481, CVE-2010-2483, CVE-2010-2595, CVE-2010-2597) - SL4, SL5 An input validation flaw was discovered in libtiff. An attacker could use this flaw to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash. (CVE-2010-2598) - SL3 All runningapplications linked against libtiff must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 60812
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60812
    title Scientific Linux Security Update : libtiff on SL3.x, SL4.x, SL5.x i386/x86_64
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-10333.NASL
    description Fix numerous crashing bugs, including CVE-2010-1411, CVE-2010-2065, CVE-2010-2067, and CVE-2010-2233 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-20
    plugin id 47596
    published 2010-07-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47596
    title Fedora 12 : libtiff-3.9.4-1.fc12 (2010-10333)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2084.NASL
    description Kevin Finisterre discovered that several integer overflows in the TIFF library could lead to the execution of arbitrary code.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 48241
    published 2010-08-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=48241
    title Debian DSA-2084-1 : tiff - integer overflows
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_1_LIBTIFF-DEVEL-100524.NASL
    description This update of libtiff fixes several integer overflows that could lead to a corrupted heap memory. This bug can be exploited remotely with a crafted TIFF file to cause an application crash or probably to execute arbitrary code. (CVE-2010-1411)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 47020
    published 2010-06-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47020
    title openSUSE Security Update : libtiff-devel (openSUSE-SU-2010:0324-1)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_313DA7DC763B11DFBCCE0018F3E2EB82.NASL
    description Kevin Finisterre reports : Multiple integer overflows in the handling of TIFF files may result in a heap buffer overflow. Opening a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution. The issues are addressed through improved bounds checking. Credit to Kevin Finisterre of digitalmunition.com for reporting these issues.
    last seen 2019-02-21
    modified 2018-11-21
    plugin id 46876
    published 2010-06-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=46876
    title FreeBSD : tiff -- buffer overflow vulnerability (313da7dc-763b-11df-bcce-0018f3e2eb82)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-10460.NASL
    description Update to version 3.9.4 which fixes several bugs and some CVE's. See http://www.remotesensing.org/libtiff/v3.9.4.html for details Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 47607
    published 2010-07-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47607
    title Fedora 13 : mingw32-libtiff-3.9.4-1.fc13 (2010-10460)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_2_LIBTIFF-DEVEL-100525.NASL
    description This update of libtiff fixes several integer overflows that could lead to a corrupted heap memory. This bug can be exploited remotely with a crafted TIFF file to cause an application crash or probably to execute arbitrary code. (CVE-2010-1411)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 47021
    published 2010-06-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47021
    title openSUSE Security Update : libtiff-devel (openSUSE-SU-2010:0324-1)
redhat via4
advisories
  • rhsa
    id RHSA-2010:0519
  • rhsa
    id RHSA-2010:0520
rpms
  • libtiff-0:3.6.1-12.el4_8.5
  • libtiff-devel-0:3.6.1-12.el4_8.5
  • libtiff-0:3.8.2-7.el5_5.5
  • libtiff-devel-0:3.8.2-7.el5_5.5
  • libtiff-0:3.5.7-34.el3
  • libtiff-devel-0:3.5.7-34.el3
refmap via4
apple
  • APPLE-SA-2010-06-15-1
  • APPLE-SA-2010-06-16-1
bid 40823
confirm
fedora
  • FEDORA-2010-10460
  • FEDORA-2010-10469
gentoo GLSA-201209-02
mlist [oss-security] 20100623 CVE requests: LibTIFF
sectrack 1024103
secunia
  • 40181
  • 40196
  • 40220
  • 40381
  • 40478
  • 40527
  • 40536
  • 50726
slackware SSA:2010-180-02
suse SUSE-SR:2010:014
ubuntu USN-954-1
vupen
  • ADV-2010-1435
  • ADV-2010-1481
  • ADV-2010-1512
  • ADV-2010-1638
  • ADV-2010-1731
  • ADV-2010-1761
Last major update 14-05-2013 - 23:08
Published 17-06-2010 - 12:30
Back to Top