Vulnerability CVE-2013-1960: Information

Description

Heap-based buffer overflow in the t2p_process_jpeg_strip function in tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image file.

Severity: CRITICAL (9.3)

URL: https://nvd.nist.gov/vuln/detail/CVE-2013-1960
Published: July 3, 2013
Modified: Feb. 13, 2023
Error type identifier: CWE-119

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
libtiffsisyphus4.0.10.0.57.f9fc01c3-alt14.4.0-alt4ALT-PU-2019-1628-1226958Fixed
libtiffp104.0.10.0.57.f9fc01c3-alt14.4.0-alt2ALT-PU-2019-1628-1226958Fixed
libtiffp94.0.10.0.57.f9fc01c3-alt14.0.10.0.57.f9fc01c3-alt1ALT-PU-2019-1628-1226958Fixed
libtiffc10f14.0.10.0.57.f9fc01c3-alt14.4.0-alt2ALT-PU-2019-1628-1226958Fixed
libtiffc9f24.0.10.0.57.f9fc01c3-alt14.3.0-alt1ALT-PU-2019-1628-1226958Fixed
libtiffp114.0.10.0.57.f9fc01c3-alt14.4.0-alt4ALT-PU-2019-1628-1226958Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
openSUSE-SU-2013:0922
    53237
    • Vendor Advisory
    [oss-security] 20130502 Fwd: Two libtiff (tiff2pdf flaws)
      openSUSE-SU-2013:0944
        53765
        • Vendor Advisory
        DSA-2698
          https://bugzilla.redhat.com/show_bug.cgi?id=952158
            FEDORA-2013-7369
              FEDORA-2013-7339
                FEDORA-2013-7361
                  RHSA-2014:0223
                    59609

                        1. Configuration 1

                          cpe:2.3:a:remotesensing:libtiff:3.9.0:beta:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.7.3:*:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.5.1:*:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.4:beta18:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:4.0.0:*:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.4:beta34:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.4:beta31:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.5.6:*:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.7.4:*:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.5.7:alpha:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.5.3:*:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.5.7:alpha2:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.8.0:*:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.5.6:beta:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.4:beta35:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.9.2:*:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.7.0:beta:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.4:beta28:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.5.4:*:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.7.2:*:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.4:beta36:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.6.0:beta2:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.8.1:*:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:4.0.1:*:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:*:*:*:*:*:*:*:*
                          End including
                          4.0.3
                          cpe:2.3:a:remotesensing:libtiff:3.7.0:*:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.6.0:beta:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.9.0:*:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.9.1:*:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.7.0:beta2:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:4.0.2:*:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.6.0:*:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.5.5:*:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.8.2:*:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.9.4:*:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.4:beta32:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.5.7:alpha4:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.4:*:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.7.0:alpha:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.5.2:*:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.6.1:*:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.4:beta37:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.5.7:beta:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.7.1:*:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.5.7:*:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.4:beta29:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.9.3:*:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.4:beta24:*:*:*:*:*:*
                          cpe:2.3:a:remotesensing:libtiff:3.5.7:alpha3:*:*:*:*:*:*
                      VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
                      Version: v24.5.3
                      Back to top