Lucene search

K

[email protected]NVD:CVE-2010-4665

HistoryMay 03, 2011 - 8:55 p.m.

CVE-2010-4665

2011-05-0320:55:04

CWE-189

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

7.3 High

AI Score

Confidence

High

0.045 Low

EPSS

Percentile

92.5%

Integer overflow in the ReadDirectory function in tiffdump.c in tiffdump in LibTIFF before 3.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF file containing a directory data structure with many directory entries.

Affected configurations

NVD

Node

libtifflibtiffRange≤3.9.4

OR

libtifflibtiffMatch3.4

OR

libtifflibtiffMatch3.4beta18

OR

libtifflibtiffMatch3.4beta24

OR

libtifflibtiffMatch3.4beta28

OR

libtifflibtiffMatch3.4beta29

OR

libtifflibtiffMatch3.4beta31

OR

libtifflibtiffMatch3.4beta32

OR

libtifflibtiffMatch3.4beta34

OR

libtifflibtiffMatch3.4beta35

OR

libtifflibtiffMatch3.4beta36

OR

libtifflibtiffMatch3.4beta37

OR

libtifflibtiffMatch3.5.1

OR

libtifflibtiffMatch3.5.2

OR

libtifflibtiffMatch3.5.3

OR

libtifflibtiffMatch3.5.4

OR

libtifflibtiffMatch3.5.5

OR

libtifflibtiffMatch3.5.6

OR

libtifflibtiffMatch3.5.6beta

OR

libtifflibtiffMatch3.5.7

OR

libtifflibtiffMatch3.5.7alpha

OR

libtifflibtiffMatch3.5.7alpha2

OR

libtifflibtiffMatch3.5.7alpha3

OR

libtifflibtiffMatch3.5.7alpha4

OR

libtifflibtiffMatch3.5.7beta

OR

libtifflibtiffMatch3.6.0

OR

libtifflibtiffMatch3.6.0beta

OR

libtifflibtiffMatch3.6.0beta2

OR

libtifflibtiffMatch3.6.1

OR

libtifflibtiffMatch3.7.0

OR

libtifflibtiffMatch3.7.0alpha

OR

libtifflibtiffMatch3.7.0beta

OR

libtifflibtiffMatch3.7.0beta2

OR

libtifflibtiffMatch3.7.1

OR

libtifflibtiffMatch3.7.2

OR

libtifflibtiffMatch3.7.3

OR

libtifflibtiffMatch3.7.4

OR

libtifflibtiffMatch3.8.0

OR

libtifflibtiffMatch3.8.1

OR

libtifflibtiffMatch3.8.2

OR

libtifflibtiffMatch3.9

OR

libtifflibtiffMatch3.9.0

OR

libtifflibtiffMatch3.9.0beta

OR

libtifflibtiffMatch3.9.1

OR

libtifflibtiffMatch3.9.2

OR

libtifflibtiffMatch3.9.2-5.2.1

OR

libtifflibtiffMatch3.9.3

References

bugzilla.maptools.org/show_bug.cgi?id=2218

lists.fedoraproject.org/pipermail/package-announce/2011-April/058478.html

lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html

openwall.com/lists/oss-security/2011/04/12/10

secunia.com/advisories/44271

secunia.com/advisories/50726

security.gentoo.org/glsa/glsa-201209-02.xml

ubuntu.com/usn/usn-1416-1

www.debian.org/security/2012/dsa-2552

www.remotesensing.org/libtiff/v3.9.5.html

www.securityfocus.com/bid/47338

bugzilla.redhat.com/show_bug.cgi?id=695887

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

7.3 High

AI Score

Confidence

High

0.045 Low

EPSS

Percentile

92.5%

Related for NVD:CVE-2010-4665

cvelist1 debiancve1 cve1 ubuntucve1 prion1 nessus15 openvas9 ubuntu1 fedora2 centos1 redhat1 oraclelinux1 debian1 osv1 gentoo1