Vulnerability CVE-2010-2065: Information

Description

Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow.

Severity: MEDIUM (6.8)

References to Advisories, Solutions, and Tools

1. Affected configurations:

   1. Configuration 1

      cpe:2.3:a:libtiff:libtiff:3.4:beta29:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.7.0:beta:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.6.0:beta2:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.4:beta34:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.6.1:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.6.0:beta:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.8.0:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.7.3:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.4:beta32:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.4:beta31:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.8.1:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.4:beta36:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.4:beta24:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.4:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.5.7:alpha4:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.8.2:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.4:beta28:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.5.7:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.5.7:beta:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.7.2:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.4:beta37:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.7.0:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.6.0:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.5.3:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.7.1:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.5.4:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.5.2:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.5.7:alpha3:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.7.0:beta2:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.5.7:alpha:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.7.4:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.7.0:alpha:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.5.5:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.9.0:beta:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.5.6:beta:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.9.0:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.5.1:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.9.1:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.4:beta18:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.9:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.5.7:alpha2:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:3.5.6:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*

      End including

      3.9.2

      ---

      cpe:2.3:a:libtiff:libtiff:3.4:beta35:*:*:*:*:*:*

      ---