CVE-2010-2481 Information

Feb 14, 2021 cve

Description

The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF directory entries which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF file.

Reference

http://bugzilla.maptools.org/show_bug.cgi?id=2210 http://marc.info/?l=oss-security&m=127731610612908&w=2 http://marc.info/?l=oss-security&m=127736307002102&w=2 http://marc.info/?l=oss-security&m=127738540902757&w=2 http://marc.info/?l=oss-security&m=127781315415896&w=2 http://marc.info/?l=oss-security&m=127797353202873&w=2 http://secunia.com/advisories/40527 http://secunia.com/advisories/50726 http://security.gentoo.org/glsa/glsa-201209-02.xml http://www.openwall.com/lists/oss-security/2010/06/30/22 http://www.redhat.com/support/errata/RHSA-2010-0519.html http://www.vupen.com/english/advisories/2010/1761

Share on: