The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not properly perform vertical flips, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF image, related to "downsampled OJPEG input."
|62235||GLSA-201209-02 : libTIFF: Multiple vulnerabilities||Nessus||Gentoo Local Security Checks|
|48272||Mandriva Linux Security Advisory : libtiff (MDVSA-2010:146)||Nessus||Mandriva Local Security Checks|
|47596||Fedora 12 : libtiff-3.9.4-1.fc12 (2010-10333)||Nessus||Fedora Local Security Checks|
|47585||Fedora 13 : libtiff-3.9.4-1.fc13 (2010-10334)||Nessus||Fedora Local Security Checks|