Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-2447-1:7682C
HistoryApr 04, 2012 - 8:00 p.m.

[SECURITY] [DSA 2447-1] tiff security update

2012-04-0420:00:29
lists.debian.org
11

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.092 Low

EPSS

Percentile

94.6%

JSON

Debian Security Advisory DSA-2447-1 [email protected]
http://www.debian.org/security/ Moritz Muehlenhoff
April 04, 2012 http://www.debian.org/security/faq

Package : tiff
Vulnerability : integer overflow
Problem type : local(remote)
Debian-specific: no
CVE ID : CVE-2012-1173

Alexander Gavrun discovered an integer overflow in the TIFF library
in the parsing of the TileSize entry, which could result in the execution
of arbitrary code if a malformed image is opened.

For the stable distribution (squeeze), this problem has been fixed in
version 3.9.4-5+squeeze4.

For the unstable distribution (sid), this problem will be fixed soon.

We recommend that you upgrade your tiff packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian6i386libtiff-tools< 3.9.4-5+squeeze4libtiff-tools_3.9.4-5+squeeze4_i386.deb
Debian6sparclibtiffxx0c2< 3.9.4-5+squeeze4libtiffxx0c2_3.9.4-5+squeeze4_sparc.deb
Debian6powerpclibtiff-tools< 3.9.4-5+squeeze4libtiff-tools_3.9.4-5+squeeze4_powerpc.deb
Debian6kfreebsd-amd64libtiff-opengl< 3.9.4-5+squeeze4libtiff-opengl_3.9.4-5+squeeze4_kfreebsd-amd64.deb
Debian6kfreebsd-i386libtiff4-dev< 3.9.4-5+squeeze4libtiff4-dev_3.9.4-5+squeeze4_kfreebsd-i386.deb
Debian6sparclibtiff-opengl< 3.9.4-5+squeeze4libtiff-opengl_3.9.4-5+squeeze4_sparc.deb
Debian6sparclibtiff4< 3.9.4-5+squeeze4libtiff4_3.9.4-5+squeeze4_sparc.deb
Debian6kfreebsd-i386libtiff4< 3.9.4-5+squeeze4libtiff4_3.9.4-5+squeeze4_kfreebsd-i386.deb
Debian6amd64libtiff-tools< 3.9.4-5+squeeze4libtiff-tools_3.9.4-5+squeeze4_amd64.deb
Debian6s390libtiff-opengl< 3.9.4-5+squeeze4libtiff-opengl_3.9.4-5+squeeze4_s390.deb
Rows per page:
1-10 of 571

Related

openvas 35
nessus 23
prion 1
altlinux 1
veracode 1
centos 1
fedora 6
redhat 1
slackware 1
debiancve 1
securityvulns 8
cve 1
amazon 1
oraclelinux 1
ubuntucve 2
zdi 1
f5 2
ubuntu 1
gentoo 1
openvas
openvas
Mandriva Update for libtiff MDVSA-2012:054 (libtiff)
2012-08-03 00:00:00
Fedora Update for libtiff FEDORA-2012-5463
2012-08-30 00:00:00
Fedora Update for libtiff FEDORA-2012-5410
2012-04-23 00:00:00
nessus
nessus
CentOS 5 / 6 : libtiff (CESA-2012:0468)
2012-04-11 00:00:00
Fedora 16 : libtiff-3.9.5-3.fc16 (2012-5410)
2012-04-23 00:00:00
openSUSE Security Update : tiff (openSUSE-SU-2012:0539-1)
2014-06-13 00:00:00
prion
prion
Integer overflow
2012-06-04 20:55:00
altlinux
altlinux
Security fix for the ALT Linux 10 package libtiff version 3.9.6-alt1
2012-04-08 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2018-10-04 04:47:21
centos
centos
libtiff security update
2012-04-10 21:10:32
fedora
fedora
[SECURITY] Fedora 16 Update: libtiff-3.9.5-3.fc16
2012-04-22 03:27:04
[SECURITY] Fedora 17 Update: libtiff-3.9.5-3.fc17
2012-04-12 02:24:24
[SECURITY] Fedora 15 Update: libtiff-3.9.5-3.fc15
2012-04-18 19:27:41
redhat
redhat
(RHSA-2012:0468) Important: libtiff security update
2012-04-10 00:00:00
slackware
slackware
[slackware-security] libtiff
2012-04-04 17:44:30
debiancve
debiancve
CVE-2012-1173
2012-06-04 20:55:00
securityvulns
securityvulns
[ MDVSA-2012:054 ] libtiff
2012-04-09 00:00:00
libtiff library integer overflow
2012-07-09 00:00:00
Apple Mac OS X multiple security vulnerabilities
2012-10-01 00:00:00
cve
cve
CVE-2012-1173
2012-06-04 20:55:00
amazon
amazon
Important: libtiff
2012-04-30 14:43:00
oraclelinux
oraclelinux
libtiff security update
2012-04-10 00:00:00
ubuntucve
ubuntucve
CVE-2012-1173
2012-04-04 00:00:00
CVE-2012-2113
2012-06-22 00:00:00
zdi
zdi
LibTIFF TileSize Parsing Remote Code Execution Vulnerability
2012-03-13 00:00:00
f5
f5
SOL15863 - Libtiff vulnerabilities CVE-2012-1173 and CVE-2012-2088
2014-11-25 00:00:00
K15863 : Libtiff vulnerabilities CVE-2012-1173 and CVE-2012-2088
2015-01-30 00:00:00
ubuntu
ubuntu
tiff vulnerabilities
2012-04-04 00:00:00
gentoo
gentoo
libTIFF: Multiple vulnerabilities
2012-09-23 00:00:00

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.092 Low

EPSS

Percentile

94.6%

JSON
Related for DEBIAN:DSA-2447-1:7682C
openvas35nessus23prion1altlinux1veracode1centos1fedora6redhat1slackware1debiancve1securityvulns8cve1amazon1oraclelinux1ubuntucve2zdi1f52ubuntu1gentoo1