6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.049 Low
EPSS
Percentile
92.7%
Issue Overview:
Use-after-free vulnerability in the t2p_readwrite_pdf_image function in tools/tiff2pdf.c in libtiff 4.0.3 allows remote attackers to cause a denial of service (crash) or possible execute arbitrary code via a crafted TIFF image.
The LZW decompressor in the gif2tiff tool in libtiff 4.0.3 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted GIF image.
Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted height and width values in a GIF image.
Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) extension block in a GIF image or (2) GIF raster image to tools/gif2tiff.c or (3) a long filename for a TIFF image to tools/rgb2ycbcr.c. NOTE: vectors 1 and 3 are disputed by Red Hat, which states that the input cannot exceed the allocated buffer size.
Affected Packages:
libtiff
Issue Correction:
Run yum update libtiff to update your system.
New Packages:
i686:
libtiff-devel-4.0.3-15.19.amzn1.i686
libtiff-4.0.3-15.19.amzn1.i686
libtiff-static-4.0.3-15.19.amzn1.i686
libtiff-debuginfo-4.0.3-15.19.amzn1.i686
src:
libtiff-4.0.3-15.19.amzn1.src
x86_64:
libtiff-devel-4.0.3-15.19.amzn1.x86_64
libtiff-static-4.0.3-15.19.amzn1.x86_64
libtiff-4.0.3-15.19.amzn1.x86_64
libtiff-debuginfo-4.0.3-15.19.amzn1.x86_64
Red Hat: CVE-2013-4231, CVE-2013-4232, CVE-2013-4243, CVE-2013-4244
Mitre: CVE-2013-4231, CVE-2013-4232, CVE-2013-4243, CVE-2013-4244
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Amazon Linux | 1 | i686 | libtiff-devel | < 4.0.3-15.19.amzn1 | libtiff-devel-4.0.3-15.19.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | libtiff | < 4.0.3-15.19.amzn1 | libtiff-4.0.3-15.19.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | libtiff-static | < 4.0.3-15.19.amzn1 | libtiff-static-4.0.3-15.19.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | libtiff-debuginfo | < 4.0.3-15.19.amzn1 | libtiff-debuginfo-4.0.3-15.19.amzn1.i686.rpm |
Amazon Linux | 1 | x86_64 | libtiff-devel | < 4.0.3-15.19.amzn1 | libtiff-devel-4.0.3-15.19.amzn1.x86_64.rpm |
Amazon Linux | 1 | x86_64 | libtiff-static | < 4.0.3-15.19.amzn1 | libtiff-static-4.0.3-15.19.amzn1.x86_64.rpm |
Amazon Linux | 1 | x86_64 | libtiff | < 4.0.3-15.19.amzn1 | libtiff-4.0.3-15.19.amzn1.x86_64.rpm |
Amazon Linux | 1 | x86_64 | libtiff-debuginfo | < 4.0.3-15.19.amzn1 | libtiff-debuginfo-4.0.3-15.19.amzn1.x86_64.rpm |