CVE-2013-1961

HIGH

Description

Stack-based buffer overflow in the t2p_write_pdf_page function in tiff2pdf in libtiff before 4.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted image length and resolution in a TIFF image file.

References

http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104916.html

http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105253.html

http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105828.html

http://lists.opensuse.org/opensuse-updates/2013-06/msg00058.html

http://lists.opensuse.org/opensuse-updates/2013-06/msg00080.html

http://rhn.redhat.com/errata/RHSA-2014-0223.html

http://seclists.org/oss-sec/2013/q2/254

http://secunia.com/advisories/53237

http://secunia.com/advisories/53765

http://www.debian.org/security/2013/dsa-2698

http://www.securityfocus.com/bid/59607

https://bugzilla.redhat.com/show_bug.cgi?id=952131

Details

Source: MITRE

Published: 2013-07-03

Updated: 2016-12-31

Type: CWE-119

Risk Information

CVSS v2.0

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:remotesensing:libtiff:3.4:*:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.4:beta18:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.4:beta24:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.4:beta28:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.4:beta29:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.4:beta31:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.4:beta32:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.4:beta34:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.4:beta35:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.4:beta36:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.4:beta37:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.5.1:*:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.5.2:*:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.5.3:*:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.5.4:*:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.5.5:*:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.5.6:*:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.5.6:beta:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.5.7:*:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.5.7:alpha:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.5.7:alpha2:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.5.7:alpha3:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.5.7:alpha4:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.5.7:beta:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.6.0:*:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.6.0:beta:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.6.0:beta2:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.6.1:*:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.7.0:*:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.7.0:alpha:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.7.0:beta:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.7.0:beta2:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.7.1:*:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.7.2:*:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.7.3:*:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.7.4:*:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.8.0:*:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.8.1:*:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.8.2:*:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.9.0:*:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.9.0:beta:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.9.1:*:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.9.2:*:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.9.3:*:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:3.9.4:*:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:4.0.0:*:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:4.0.1:*:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:4.0.2:*:*:*:*:*:*:*

cpe:2.3:a:remotesensing:libtiff:*:*:*:*:*:*:*:* versions up to 4.0.3 (inclusive)

Tenable Plugins

View all (25 total)

ID	Name	Product	Family	Severity
124940	EulerOS Virtualization 3.0.1.0 : libtiff (EulerOS-SA-2019-1437)	Nessus	Huawei Local Security Checks	high
93322	Debian DLA-610-2 : tiff3 regression update	Nessus	Debian Local Security Checks	high
92691	OracleVM 3.3 / 3.4 : libtiff (OVMSA-2016-0093)	Nessus	OracleVM Local Security Checks	high
84010	F5 Networks BIG-IP : Multiple LibTIFF vulnerabilities (K16715)	Nessus	F5 Networks Local Security Checks	high
80681	Oracle Solaris Third-Party Patch Update : libtiff (cve_2012_4564_design_error1)	Nessus	Solaris Local Security Checks	high
75005	openSUSE Security Update : tiff (openSUSE-SU-2013:0944-1)	Nessus	SuSE Local Security Checks	high
73061	Amazon Linux AMI : libtiff (ALAS-2014-307)	Nessus	Amazon Linux Local Security Checks	high
72739	Scientific Linux Security Update : libtiff on SL6.x i386/x86_64 (20140227)	Nessus	Scientific Linux Local Security Checks	high
72738	Scientific Linux Security Update : libtiff on SL5.x i386/x86_64 (20140227)	Nessus	Scientific Linux Local Security Checks	high
72737	RHEL 5 : libtiff (RHSA-2014:0223)	Nessus	Red Hat Local Security Checks	high
72736	RHEL 6 : libtiff (RHSA-2014:0222)	Nessus	Red Hat Local Security Checks	high
72735	Oracle Linux 5 : libtiff (ELSA-2014-0223)	Nessus	Oracle Linux Local Security Checks	high
72734	Oracle Linux 6 : libtiff (ELSA-2014-0222)	Nessus	Oracle Linux Local Security Checks	high
72733	CentOS 5 : libtiff (CESA-2014:0223)	Nessus	CentOS Local Security Checks	high
72732	CentOS 6 : libtiff (CESA-2014:0222)	Nessus	CentOS Local Security Checks	high
72635	GLSA-201402-21 : libTIFF: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
70499	Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : libtiff (SSA:2013-290-01)	Nessus	Slackware Local Security Checks	high
69231	Mandriva Linux Security Advisory : libtiff (MDVSA-2013:208)	Nessus	Mandriva Local Security Checks	high
66916	Debian DSA-2698-1 : tiff - buffer overflow	Nessus	Debian Local Security Checks	high
66540	Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 : tiff vulnerabilities (USN-1832-1)	Nessus	Ubuntu Local Security Checks	high
66501	Fedora 17 : libtiff-3.9.7-2.fc17 (2013-7361)	Nessus	Fedora Local Security Checks	high
66465	SuSE 10 Security Update : libtiff (ZYPP Patch Number 8564)	Nessus	SuSE Local Security Checks	high
66463	SuSE 11.2 Security Update : libtiff (SAT Patch Number 7707)	Nessus	SuSE Local Security Checks	high
66401	Fedora 18 : libtiff-4.0.3-6.fc18 (2013-7369)	Nessus	Fedora Local Security Checks	high
66368	Fedora 19 : libtiff-4.0.3-6.fc19 (2013-7339)	Nessus	Fedora Local Security Checks	high