UbuntuUSN-801-1tiff vulnerability
6.7 Medium
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.006 Low
EPSS
Percentile
78.1%
Releases
- Ubuntu 9.04
- Ubuntu 8.10
- Ubuntu 8.04
- Ubuntu 6.06
Packages
- tiff -
Details
Tielei Wang and Tom Lane discovered that the TIFF library did not correctly
handle certain malformed TIFF images. If a user or automated system were
tricked into processing a malicious image, an attacker could execute
arbitrary code with the privileges of the user invoking the program.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 9.04 | noarch | libtiff4 | < 3.8.2-11ubuntu0.9.04.3 | UNKNOWN |
| Ubuntu | 9.04 | noarch | libtiff-opengl | < 3.8.2-11ubuntu0.9.04.3 | UNKNOWN |
| Ubuntu | 9.04 | noarch | libtiff-tools | < 3.8.2-11ubuntu0.9.04.3 | UNKNOWN |
| Ubuntu | 9.04 | noarch | libtiff4 | < dev-3.8.2-11ubuntu0.9.04.3 | UNKNOWN |
| Ubuntu | 9.04 | noarch | libtiffxx0c2 | < 3.8.2-11ubuntu0.9.04.3 | UNKNOWN |
| Ubuntu | 8.10 | noarch | libtiff4 | < 3.8.2-11ubuntu0.8.10.3 | UNKNOWN |
| Ubuntu | 8.10 | noarch | libtiff-opengl | < 3.8.2-11ubuntu0.8.10.3 | UNKNOWN |
| Ubuntu | 8.10 | noarch | libtiff-tools | < 3.8.2-11ubuntu0.8.10.3 | UNKNOWN |
| Ubuntu | 8.10 | noarch | libtiff4-dev | < 3.8.2-11ubuntu0.8.10.3 | UNKNOWN |
| Ubuntu | 8.10 | noarch | libtiffxx0c2 | < 3.8.2-11ubuntu0.8.10.3 | UNKNOWN |
References
Related
6.7 Medium
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.006 Low
EPSS
Percentile
78.1%