Lucene search

K
nvd[email protected]NVD:CVE-2008-2327
HistoryAug 27, 2008 - 8:41 p.m.

CVE-2008-2327

2008-08-2720:41:00
CWE-119
web.nvd.nist.gov
8

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.8

Confidence

High

EPSS

0.008

Percentile

81.9%

Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.

Affected configurations

Nvd
Node
libtifflibtiffRange≀3.8.2
OR
libtifflibtiffMatch3.4
OR
libtifflibtiffMatch3.5.1
OR
libtifflibtiffMatch3.5.2
OR
libtifflibtiffMatch3.5.3
OR
libtifflibtiffMatch3.5.4
OR
libtifflibtiffMatch3.5.5
OR
libtifflibtiffMatch3.5.6
OR
libtifflibtiffMatch3.5.7
OR
libtifflibtiffMatch3.6.0
OR
libtifflibtiffMatch3.6.1
OR
libtifflibtiffMatch3.7.0
OR
libtifflibtiffMatch3.7.1
OR
libtifflibtiffMatch3.8.0
OR
libtifflibtiffMatch3.8.1
VendorProductVersionCPE
libtifflibtiff*cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*
libtifflibtiff3.4cpe:2.3:a:libtiff:libtiff:3.4:*:*:*:*:*:*:*
libtifflibtiff3.5.1cpe:2.3:a:libtiff:libtiff:3.5.1:*:*:*:*:*:*:*
libtifflibtiff3.5.2cpe:2.3:a:libtiff:libtiff:3.5.2:*:*:*:*:*:*:*
libtifflibtiff3.5.3cpe:2.3:a:libtiff:libtiff:3.5.3:*:*:*:*:*:*:*
libtifflibtiff3.5.4cpe:2.3:a:libtiff:libtiff:3.5.4:*:*:*:*:*:*:*
libtifflibtiff3.5.5cpe:2.3:a:libtiff:libtiff:3.5.5:*:*:*:*:*:*:*
libtifflibtiff3.5.6cpe:2.3:a:libtiff:libtiff:3.5.6:*:*:*:*:*:*:*
libtifflibtiff3.5.7cpe:2.3:a:libtiff:libtiff:3.5.7:*:*:*:*:*:*:*
libtifflibtiff3.6.0cpe:2.3:a:libtiff:libtiff:3.6.0:*:*:*:*:*:*:*
Rows per page:
1-10 of 151

References

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.8

Confidence

High

EPSS

0.008

Percentile

81.9%