CVE-2010-1411

2010-06-17 18:30:01 2013-05-15 05:08:28

Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3, as used in ImageIO in Apple Mac OS X 10.5.8 and Mac OS X 10.6 before 10.6.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file that triggers a heap-based buffer overflow.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Apache Software Foundation POI 0.5 Apache Software Foundation POI 0.3 Apache Software Foundation POI 0.6 Apache Software Foundation POI 0.2 Apache Software Foundation POI 0.4 Apache Software Foundation Rave 0.16 Apache Software Foundation Rave 0.15 Apache Software Foundation Rave 0.14 Apache Software Foundation Rave 0.13 Apache Software Foundation Rave 0.12

Apple - Mac os x Apple - Mac os x server

Advisory	Patch	Confirmed	Link
			http://support.apple.com/kb/HT4188
			https://bugzilla.redhat.com/show_bug.cgi?id=592361
			ADV-2010-1761
			ADV-2010-1731
			ADV-2010-1638
			ADV-2010-1512
			ADV-2010-1481
			ADV-2010-1435
			USN-954-1
			40823
			http://www.remotesensing.org/libtiff/v3.9.3.html
			RHSA-2010:0520
			RHSA-2010:0519
			http://support.apple.com/kb/HT4220
			http://support.apple.com/kb/HT4196
			SSA:2010-180-02
			1024103
			GLSA-201209-02
			50726
			40536
			40527
			40478
			40381
			40220
			40196
			40181
			[oss-security] 20100623 CVE requests: LibTIFF
			SUSE-SR:2010:014
			FEDORA-2010-10469
			FEDORA-2010-10460
			APPLE-SA-2010-06-16-1
			APPLE-SA-2010-06-15-1

CVE-2010-1411

2010-06-17 18:30:01 2013-05-15 05:08:28

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)