CVE-2012-2088

high

Description

Integer signedness error in the TIFFReadDirectory function in tif_dirread.c in libtiff 3.9.4 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a negative tile depth in a tiff image, which triggers an improper conversion between signed and unsigned types, leading to a heap-based buffer overflow.

References

http://lists.apple.com/archives/security-announce/2013/Mar/msg00002.html

http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00010.html

http://rhn.redhat.com/errata/RHSA-2012-1054.html

http://secunia.com/advisories/49686

http://secunia.com/advisories/50726

http://security.gentoo.org/glsa/glsa-201209-02.xml

http://support.apple.com/kb/HT6162

http://support.apple.com/kb/HT6163

http://www.mandriva.com/security/advisories?name=MDVSA-2012:101

http://www.securityfocus.com/bid/54270

https://bugzilla.redhat.com/show_bug.cgi?id=832864

https://hermes.opensuse.org/messages/15083566

Details

Source: MITRE

Published: 2012-07-22

Updated: 2017-12-29

Type: CWE-189

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:libtiff:libtiff:3.4:*:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.4:beta18:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.4:beta24:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.4:beta28:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.4:beta29:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.4:beta31:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.4:beta32:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.4:beta34:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.4:beta35:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.4:beta36:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.4:beta37:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.5.1:*:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.5.2:*:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.5.3:*:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.5.4:*:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.5.5:*:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.5.6:*:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.5.6:beta:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.5.7:*:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.5.7:alpha:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.5.7:alpha2:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.5.7:alpha3:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.5.7:alpha4:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.5.7:beta:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.6.0:*:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.6.0:beta:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.6.0:beta2:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.6.1:*:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.7.0:*:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.7.0:alpha:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.7.0:beta:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.7.0:beta2:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.7.1:*:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.7.2:*:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.7.3:*:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.7.4:*:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.8.0:*:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.8.1:*:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.8.2:*:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.9:*:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.9.0:*:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.9.0:beta:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.9.1:*:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.9.2:*:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.9.2-5.2.1:*:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:3.9.3:*:*:*:*:*:*:*

cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:* versions up to 3.9.4 (inclusive)

Tenable Plugins

| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 83916 | Scientific Linux Security Update : libtiff on SL5.x, SL6.x i386/x86_64 (20120703) | Nessus | Scientific Linux Local Security Checks | high |
| 80680 | Oracle Solaris Third-Party Patch Update : libtiff (cve_2012_2088_denial_of) | Nessus | Solaris Local Security Checks | high |
| 80447 | F5 Networks BIG-IP : Libtiff vulnerabilities (SOL15863) | Nessus | F5 Networks Local Security Checks | high |
| 74663 | openSUSE Security Update : tiff (openSUSE-SU-2012:0829-1) | Nessus | SuSE Local Security Checks | high |
| 8250 | Apple TV < 6.1 Multiple Vulnerabilities | Nessus Network Monitor | Internet Services | high |
| 72962 | Apple TV < 6.1 Multiple Vulnerabilities | Nessus | Misc. | high |
| 8155 | Apple iOS < 7.1 Multiple Vulnerabilities | Nessus Network Monitor | Mobile Devices | high |
| 72907 | Apple iOS < 7.1 Multiple Vulnerabilities | Nessus | Mobile Devices | high |
| 70499 | Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : libtiff (SSA:2013-290-01) | Nessus | Slackware Local Security Checks | high |
| 69596 | Amazon Linux AMI : libtiff (ALAS-2012-106) | Nessus | Amazon Linux Local Security Checks | high |
| 68572 | Oracle Linux 5 / 6 : libtiff (ELSA-2012-1054) | Nessus | Oracle Linux Local Security Checks | high |
| 66060 | Mandriva Linux Security Advisory : libtiff (MDVSA-2013:046) | Nessus | Mandriva Local Security Checks | high |
| 65643 | BlackBerry Enterprise Server TIFF Image Processing Vulnerabilities (KB33425) | Nessus | Windows | high |
| 801018 | Mac OS X 10.8 < 10.8.3 Multiple Vulnerabilities (Security Update 2013-001) | Log Correlation Engine | Operating System Detection | high |
| 6717 | Mac OS X 10.8 < 10.8.3 Multiple Vulnerabilities (Security Update 2013-001) | Nessus Network Monitor | Web Clients | high |
| 65578 | Mac OS X Multiple Vulnerabilities (Security Update 2013-001) | Nessus | MacOS X Local Security Checks | high |
| 65577 | Mac OS X 10.8.x < 10.8.3 Multiple Vulnerabilities | Nessus | MacOS X Local Security Checks | high |
| 64197 | SuSE 11.1 Security Update : libtiff (SAT Patch Number 6475) | Nessus | SuSE Local Security Checks | high |
| 62317 | Debian DSA-2552-1 : tiff - several vulnerabilities | Nessus | Debian Local Security Checks | high |
| 62235 | GLSA-201209-02 : libTIFF: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | high |
| 60077 | SuSE 10 Security Update : libtiff (ZYPP Patch Number 8199) | Nessus | SuSE Local Security Checks | high |
| 59973 | Fedora 16 : libtiff-3.9.6-1.fc16 (2012-10089) | Nessus | Fedora Local Security Checks | high |
| 59972 | Fedora 17 : libtiff-3.9.6-1.fc17 (2012-10081) | Nessus | Fedora Local Security Checks | high |
| 59856 | Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : tiff vulnerabilities (USN-1498-1) | Nessus | Ubuntu Local Security Checks | high |
| 59844 | RHEL 5 / 6 : libtiff (RHSA-2012:1054) | Nessus | Red Hat Local Security Checks | high |
| 59843 | Mandriva Linux Security Advisory : libtiff (MDVSA-2012:101) | Nessus | Mandriva Local Security Checks | high |
| 59838 | CentOS 5 / 6 : libtiff (CESA-2012:1054) | Nessus | CentOS Local Security Checks | high |