CVE-2012-2113

2012-07-22 19:55:01 2017-12-29 03:29:18

Multiple integer overflows in tiff2pdf in libtiff before 4.0.2 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

LibTIFF 3.9.4 LibTIFF 3.9.3 LibTIFF 3.9.2-5.2.1 LibTIFF 3.9.2 LibTIFF 3.9.1 LibTIFF 3.9.0 beta LibTIFF 3.9.0 LibTIFF 3.9 LibTIFF 3.8.2 LibTIFF 3.8.1 LibTIFF 3.8.0 LibTIFF 3.7.4 LibTIFF 3.7.3 LibTIFF 3.7.2 LibTIFF 3.7.1 LibTIFF 3.7.0 beta2 LibTIFF 3.7.0 beta LibTIFF 3.7.0 alpha LibTIFF 3.7.0 LibTIFF 3.6.1 LibTIFF 3.6.0 beta2 LibTIFF 3.6.0 beta LibTIFF 3.6.0 LibTIFF 3.5.7 beta LibTIFF 3.5.7 alpha4 LibTIFF 3.5.7 alpha3 LibTIFF 3.5.7 alpha2 LibTIFF 3.5.7 alpha LibTIFF 3.5.7 LibTIFF 3.5.6 beta LibTIFF 3.5.6 LibTIFF 3.5.5 LibTIFF 3.5.4 LibTIFF 3.5.3 LibTIFF 3.5.2 LibTIFF 3.5.1 LibTIFF 3.4 beta37 LibTIFF 3.4 beta36 LibTIFF 3.4 beta35 LibTIFF 3.4 beta34 LibTIFF 3.4 beta32 LibTIFF 3.4 beta31 LibTIFF 3.4 beta29 LibTIFF 3.4 beta28 LibTIFF 3.4 beta24 LibTIFF 3.4 beta18 LibTIFF 3.4 LibTIFF 3.9.5 LibTIFF 4.0 alpha LibTIFF 4.0 beta1 LibTIFF 4.0 beta2 LibTIFF 4.0 beta3 LibTIFF 4.0 beta4 LibTIFF 4.0 beta5 LibTIFF 4.0 beta6 LibTIFF 4.0.1

Libtiff - Libtiff

Advisory	Patch	Confirmed	Link
			openSUSE-SU-2012:0829
			https://bugzilla.redhat.com/show_bug.cgi?id=810551
			54076
			http://www.remotesensing.org/libtiff/v4.0.2.html
			MDVSA-2012:101
			DSA-2552
			GLSA-201209-02
			RHSA-2012:1054
			SUSE-SU-2012:0894

CVE-2012-2113

2012-07-22 19:55:01 2017-12-29 03:29:18

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)