ID CVE-2012-1173
Summary Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the (1) gtTileSeparate or (2) gtStripSeparate function, leading to a heap-based buffer overflow.
References
Vulnerable Configurations
  • cpe:2.3:a:libtiff:libtiff:3.9.4:*:*:*:*:*:*:*
    cpe:2.3:a:libtiff:libtiff:3.9.4:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 18-01-2018 - 02:29)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
redhat via4
advisories
bugzilla
id 803078
title CVE-2012-1173 libtiff: Heap-buffer overflow due to TileSize calculation when parsing tiff files
oval
OR
  • AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhba:tst:20111656001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhba:tst:20111656002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20111656004
    • OR
      • AND
        • comment libtiff is earlier than 0:3.9.4-5.el6_2
          oval oval:com.redhat.rhsa:tst:20120468005
        • comment libtiff is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110318011
      • AND
        • comment libtiff-devel is earlier than 0:3.9.4-5.el6_2
          oval oval:com.redhat.rhsa:tst:20120468007
        • comment libtiff-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110318015
      • AND
        • comment libtiff-static is earlier than 0:3.9.4-5.el6_2
          oval oval:com.redhat.rhsa:tst:20120468009
        • comment libtiff-static is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110318013
  • AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331001
    • OR
      • AND
        • comment libtiff is earlier than 0:3.8.2-14.el5_8
          oval oval:com.redhat.rhsa:tst:20120468012
        • comment libtiff is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080847003
      • AND
        • comment libtiff-devel is earlier than 0:3.8.2-14.el5_8
          oval oval:com.redhat.rhsa:tst:20120468014
        • comment libtiff-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080847005
rhsa
id RHSA-2012:0468
released 2012-04-10
severity Important
title RHSA-2012:0468: libtiff security update (Important)
rpms
  • libtiff-0:3.9.4-5.el6_2
  • libtiff-devel-0:3.9.4-5.el6_2
  • libtiff-static-0:3.9.4-5.el6_2
  • libtiff-0:3.8.2-14.el5_8
  • libtiff-devel-0:3.8.2-14.el5_8
refmap via4
apple
  • APPLE-SA-2012-09-19-1
  • APPLE-SA-2012-09-19-2
bid 52891
confirm
debian DSA-2447
fedora
  • FEDORA-2012-5406
  • FEDORA-2012-5410
  • FEDORA-2012-5463
gentoo GLSA-201209-02
mandriva MDVSA-2012:054
misc
osvdb 81025
sectrack 1026895
secunia
  • 48684
  • 48722
  • 48735
  • 48757
  • 48893
  • 50726
suse openSUSE-SU-2012:0539
ubuntu USN-1416-1
xf libtiff-gttileseparate-bo(74656)
Last major update 18-01-2018 - 02:29
Published 04-06-2012 - 20:55
Back to Top