CVE-2010-3087

MEDIUM

Description

LibTIFF before 3.9.2-5.2.1 in SUSE openSUSE 11.3 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted TIFF image.

References

http://blackberry.com/btsc/KB27244

http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html

http://secunia.com/advisories/50726

http://security.gentoo.org/glsa/glsa-201209-02.xml

http://support.novell.com/security/cve/CVE-2010-3087.html

https://bugzilla.novell.com/show_bug.cgi?id=624215

Details

Source: MITRE

Published: 2010-09-28

Updated: 2018-10-30

Type: CWE-119

Risk Information

CVSS v2.0

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

Tenable Plugins

View all (6 total)

ID	Name	Product	Family	Severity
75619	openSUSE Security Update : libtiff-devel (openSUSE-SU-2010:0619-1)	Nessus	SuSE Local Security Checks	medium
62235	GLSA-201209-02 : libTIFF: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
55819	BlackBerry Enterprise Server PNG and TIFF Image Processing Vulnerabilities (KB27244)	Nessus	Windows	critical
52667	Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : tiff regression (USN-1085-2)	Nessus	Ubuntu Local Security Checks	high
52581	Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : tiff vulnerabilities (USN-1085-1)	Nessus	Ubuntu Local Security Checks	high
49737	Mandriva Linux Security Advisory : libtiff (MDVSA-2010:190)	Nessus	Mandriva Local Security Checks	medium