Lucene search

K

[email protected]CVE-2011-1167

HistoryMar 28, 2011 - 4:55 p.m.

CVE-2011-1167

2011-03-2816:55:00

CWE-119

[email protected]

web.nvd.nist.gov

44

libtiff

buffer overflow

cve-2011-1167

security

vulnerability

nvd

7.7 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.239 Low

EPSS

Percentile

96.6%

Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value.

CPENameOperatorVersion
libtiff:libtifflibtiffeq3.4
libtiff:libtifflibtiffeq3.7.0
libtiff:libtifflibtiffeq3.6.0
libtiff:libtifflibtiffeq3.6.1
libtiff:libtifflibtiffeq3.8.0
libtiff:libtifflibtiffeq3.7.3
libtiff:libtifflibtiffeq3.8.1
libtiff:libtifflibtiffeq3.9.3
libtiff:libtifflibtiffeq3.5.7
libtiff:libtifflibtiffeq3.8.2

Rows per page:

1-10 of 251

References

blackberry.com/btsc/KB27244

bugzilla.maptools.org/show_bug.cgi?id=2300

lists.apple.com/archives/security-announce/2012/Feb/msg00000.html

lists.apple.com/archives/security-announce/2012/May/msg00001.html

lists.apple.com/archives/security-announce/2012/Sep/msg00003.html

lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html

lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html

lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html

secunia.com/advisories/43900

secunia.com/advisories/43934

secunia.com/advisories/43974

secunia.com/advisories/44117

secunia.com/advisories/44135

secunia.com/advisories/50726

security.gentoo.org/glsa/glsa-201209-02.xml

securityreason.com/securityalert/8165

slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820

support.apple.com/kb/HT5130

support.apple.com/kb/HT5281

support.apple.com/kb/HT5503

ubuntu.com/usn/usn-1102-1

www.debian.org/security/2011/dsa-2210

www.mandriva.com/security/advisories?name=MDVSA-2011:064

www.osvdb.org/71256

www.redhat.com/support/errata/RHSA-2011-0392.html

www.securityfocus.com/archive/1/517101/100/0/threaded

www.securityfocus.com/bid/46951

www.securitytracker.com/id?1025257

www.vupen.com/english/advisories/2011/0795

www.vupen.com/english/advisories/2011/0845

www.vupen.com/english/advisories/2011/0859

www.vupen.com/english/advisories/2011/0860

www.vupen.com/english/advisories/2011/0905

www.vupen.com/english/advisories/2011/0930

www.vupen.com/english/advisories/2011/0960

www.zerodayinitiative.com/advisories/ZDI-11-107

bugzilla.redhat.com/show_bug.cgi?id=684939

exchange.xforce.ibmcloud.com/vulnerabilities/66247

7.7 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.239 Low

EPSS

Percentile

96.6%

Related for CVE-2011-1167

nessus29 altlinux3 ubuntucve1 prion1 securityvulns9 ubuntu1 cvelist1 openvas33 centos1 fedora7 zdi1 veracode1 debiancve1 redhat1 slackware1 oraclelinux1 debian3 osv1 gentoo1