CVE-2011-0192 Information

Description

Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h. NOTE: some of these details are obtained from third party information.

Reference

http://blackberry.com/btsc/KB27244
http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html
http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html
http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html
http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
http://secunia.com/advisories/43585
http://secunia.com/advisories/43593
http://secunia.com/advisories/43664
http://secunia.com/advisories/43934
http://secunia.com/advisories/44117
http://secunia.com/advisories/44135
http://secunia.com/advisories/50726
http://security.gentoo.org/glsa/glsa-201209-02.xml
http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820
http://support.apple.com/kb/HT4554
http://support.apple.com/kb/HT4564
http://support.apple.com/kb/HT4565
http://support.apple.com/kb/HT4566
http://support.apple.com/kb/HT4581
http://support.apple.com/kb/HT4999
http://support.apple.com/kb/HT5001
http://www.debian.org/security/2011/dsa-2210
http://www.mandriva.com/security/advisories?name=MDVSA-2011:043
http://www.redhat.com/support/errata/RHSA-2011-0318.html
http://www.securityfocus.com/bid/46658
http://www.securitytracker.com/id?1025153
http://www.vupen.com/english/advisories/2011/0551
http://www.vupen.com/english/advisories/2011/0599
http://www.vupen.com/english/advisories/2011/0621
http://www.vupen.com/english/advisories/2011/0845
http://www.vupen.com/english/advisories/2011/0905
http://www.vupen.com/english/advisories/2011/0930
http://www.vupen.com/english/advisories/2011/0960
https://bugzilla.redhat.com/show_bug.cgi?id=678635
