Lucene search

K
cveMitreCVE-2009-2285
HistoryJul 01, 2009 - 1:00 p.m.

CVE-2009-2285

2009-07-0113:00:01
CWE-119
mitre
web.nvd.nist.gov
55
cve-2009-2285
buffer underflow
lzwdecodecompat
libtiff 3.8.2
denial of service
tiff image

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

6.7

Confidence

High

EPSS

0.008

Percentile

81.9%

Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327.

Affected configurations

Nvd
Node
libtifflibtiffMatch3.8.2
VendorProductVersionCPE
libtifflibtiff3.8.2cpe:2.3:a:libtiff:libtiff:3.8.2:*:*:*:*:*:*:*

References

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

6.7

Confidence

High

EPSS

0.008

Percentile

81.9%