CVE-2010-1411

MEDIUM

Description

Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3, as used in ImageIO in Apple Mac OS X 10.5.8 and Mac OS X 10.6 before 10.6.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file that triggers a heap-based buffer overflow.

References

http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html

http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043769.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043835.html

http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html

http://marc.info/?l=oss-security&m=127731610612908&w=2

http://secunia.com/advisories/40181

http://secunia.com/advisories/40196

http://secunia.com/advisories/40220

http://secunia.com/advisories/40381

http://secunia.com/advisories/40478

http://secunia.com/advisories/40527

http://secunia.com/advisories/40536

http://secunia.com/advisories/50726

http://security.gentoo.org/glsa/glsa-201209-02.xml

http://securitytracker.com/id?1024103

http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.596424

http://support.apple.com/kb/HT4188

http://support.apple.com/kb/HT4196

http://support.apple.com/kb/HT4220

http://www.redhat.com/support/errata/RHSA-2010-0519.html

http://www.redhat.com/support/errata/RHSA-2010-0520.html

http://www.remotesensing.org/libtiff/v3.9.3.html

http://www.securityfocus.com/bid/40823

http://www.ubuntu.com/usn/USN-954-1

http://www.vupen.com/english/advisories/2010/1435

http://www.vupen.com/english/advisories/2010/1481

http://www.vupen.com/english/advisories/2010/1512

http://www.vupen.com/english/advisories/2010/1638

http://www.vupen.com/english/advisories/2010/1731

http://www.vupen.com/english/advisories/2010/1761

https://bugzilla.redhat.com/show_bug.cgi?id=592361

Details

Source: MITRE

Published: 2010-06-17

Updated: 2013-05-15

Type: CWE-189

Risk Information

CVSS v2.0

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

Tenable Plugins

View all (31 total)

IDNameProductFamilySeverity
68060Oracle Linux 3 : libtiff (ELSA-2010-0520)NessusOracle Linux Local Security Checks
medium
68059Oracle Linux 4 / 5 : libtiff (ELSA-2010-0519)NessusOracle Linux Local Security Checks
medium
62235GLSA-201209-02 : libTIFF: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
60812Scientific Linux Security Update : libtiff on SL3.x, SL4.x, SL5.x i386/x86_64NessusScientific Linux Local Security Checks
medium
49883SuSE 10 Security Update : libtiff (ZYPP Patch Number 7052)NessusSuSE Local Security Checks
medium
48341CentOS 3 : libtiff (CESA-2010:0520)NessusCentOS Local Security Checks
medium
48272Mandriva Linux Security Advisory : libtiff (MDVSA-2010:146)NessusMandriva Local Security Checks
high
48271Mandriva Linux Security Advisory : libtiff (MDVSA-2010:145)NessusMandriva Local Security Checks
medium
48241Debian DSA-2084-1 : tiff - integer overflowsNessusDebian Local Security Checks
medium
47873RHEL 3 : libtiff (RHSA-2010:0520)NessusRed Hat Local Security Checks
medium
47872RHEL 4 / 5 : libtiff (RHSA-2010:0519)NessusRed Hat Local Security Checks
medium
47738CentOS 4 / 5 : libtiff (CESA-2010:0519)NessusCentOS Local Security Checks
medium
47608Fedora 12 : mingw32-libtiff-3.9.4-1.fc12 (2010-10469)NessusFedora Local Security Checks
medium
47607Fedora 13 : mingw32-libtiff-3.9.4-1.fc13 (2010-10460)NessusFedora Local Security Checks
medium
47596Fedora 12 : libtiff-3.9.4-1.fc12 (2010-10333)NessusFedora Local Security Checks
high
47585Fedora 13 : libtiff-3.9.4-1.fc13 (2010-10334)NessusFedora Local Security Checks
high
47563Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 9.0 / 9.1 / current : libtiff (SSA:2010-180-02)NessusSlackware Local Security Checks
medium
47224Fedora 11 : libtiff-3.8.2-15.fc11 (2010-10359)NessusFedora Local Security Checks
medium
47110Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : tiff vulnerabilities (USN-954-1)NessusUbuntu Local Security Checks
medium
5573iTunes < 9.2 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
medium
47038Apple iTunes < 9.2 Multiple Vulnerabilities (uncredentialed check)NessusPeer-To-Peer File Sharing
high
47037Apple iTunes < 9.2 Multiple Vulnerabilities (credentialed check)NessusWindows
high
800793Mac OS X 10.6 < 10.6.4 Multiple VulnerabilitiesLog Correlation EngineOperating System Detection
high
5571Mac OS X 10.6 < 10.6.4 Multiple VulnerabilitiesNessus Network MonitorGeneric
critical
47024Mac OS X Multiple Vulnerabilities (Security Update 2010-004)NessusMacOS X Local Security Checks
high
47023Mac OS X 10.6.x < 10.6.4 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
critical
47021openSUSE Security Update : libtiff-devel (openSUSE-SU-2010:0324-1)NessusSuSE Local Security Checks
medium
47020openSUSE Security Update : libtiff-devel (openSUSE-SU-2010:0324-1)NessusSuSE Local Security Checks
medium
47019openSUSE Security Update : libtiff-devel (openSUSE-SU-2010:0324-1)NessusSuSE Local Security Checks
medium
47018SuSE9 Security Update : libtiff, (YOU Patch Number 12618)NessusSuSE Local Security Checks
medium
46876FreeBSD : tiff -- buffer overflow vulnerability (313da7dc-763b-11df-bcce-0018f3e2eb82)NessusFreeBSD Local Security Checks
medium