CVE-2009-2285 Information

Description

Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327.

Reference

http://bugzilla.maptools.org/show_bug.cgi?id=2065
http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
http://lists.apple.com/archives/security-announce/2010//Mar/msg00003.html
http://lists.apple.com/archives/security-announce/2010/Feb/msg00000.html
http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html
http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html
http://secunia.com/advisories/35695
http://secunia.com/advisories/35716
http://secunia.com/advisories/35866
http://secunia.com/advisories/35883
http://secunia.com/advisories/35912
http://secunia.com/advisories/36194
http://secunia.com/advisories/36831
http://secunia.com/advisories/38241
http://secunia.com/advisories/39135
http://security.gentoo.org/glsa/glsa-200908-03.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-66-267808-1
http://support.apple.com/kb/HT3937
http://support.apple.com/kb/HT4004
http://support.apple.com/kb/HT4013
http://support.apple.com/kb/HT4070
http://support.apple.com/kb/HT4105
http://www.debian.org/security/2009/dsa-1835
http://www.lan.st/showthread.php?t=1856&page=3
http://www.openwall.com/lists/oss-security/2009/06/22/1
http://www.openwall.com/lists/oss-security/2009/06/23/1
http://www.openwall.com/lists/oss-security/2009/06/29/5
http://www.redhat.com/support/errata/RHSA-2009-1159.html
http://www.vupen.com/english/advisories/2009/1637
http://www.vupen.com/english/advisories/2009/2727
http://www.vupen.com/english/advisories/2009/3184
http://www.vupen.com/english/advisories/2010/0173
https://bugs.launchpad.net/ubuntu/+source/tiff/+bug/380149
https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10145
https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A7049
https://usn.ubuntu.com/797-1/
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00142.html
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00161.html
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00230.html
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00655.html
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00714.html
