CVE-2010-3087

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

LibTIFF before 3.9.2-5.2.1 in SUSE openSUSE 11.3 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted TIFF image.

References

http://blackberry.com/btsc/KB27244

http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html

http://secunia.com/advisories/50726

http://security.gentoo.org/glsa/glsa-201209-02.xml

http://support.novell.com/security/cve/CVE-2010-3087.html

https://bugzilla.novell.com/show_bug.cgi?id=624215

Details

Source: MITRE

Published: 2010-09-28

Updated: 2018-10-30

Type: CWE-119

Risk Information

CVSS v2

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

Tenable Plugins

View all (6 total)

IDNameProductFamilySeverity
75619openSUSE Security Update : libtiff-devel (openSUSE-SU-2010:0619-1)NessusSuSE Local Security Checks
medium
62235GLSA-201209-02 : libTIFF: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
55819BlackBerry Enterprise Server PNG and TIFF Image Processing Vulnerabilities (KB27244)NessusWindows
critical
52667Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : tiff regression (USN-1085-2)NessusUbuntu Local Security Checks
high
52581Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : tiff vulnerabilities (USN-1085-1)NessusUbuntu Local Security Checks
high
49737Mandriva Linux Security Advisory : libtiff (MDVSA-2010:190)NessusMandriva Local Security Checks
medium