Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-954-1
HistoryJun 21, 2010 - 12:00 a.m.

tiff vulnerabilities

2010-06-2100:00:00
ubuntu.com
36

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.051 Low

EPSS

Percentile

93.0%

JSON

Releases

  • Ubuntu 10.04
  • Ubuntu 9.10
  • Ubuntu 9.04
  • Ubuntu 8.04
  • Ubuntu 6.06

Packages

  • tiff - TIFF image manipulation library

Details

Kevin Finisterre discovered that the TIFF library did not correctly handle
certain image structures. If a user or automated system were tricked
into opening a specially crafted TIFF image, a remote attacker could
execute arbitrary code with user privileges, or crash the application,
leading to a denial of service. (CVE-2010-1411)

Dan Rosenberg and Sauli Pahlman discovered multiple flaws in the TIFF
library. If a user or automated system were into opening a specially
crafted TIFF image, a remote attacker could execute arbitrary code
with user privileges, or crash the application, leading to a denial
of service. (Only Ubuntu 10.04 LTS was affected.) (CVE-2010-2065,
CVE-2010-2067)

OSVersionArchitecturePackageVersionFilename
Ubuntu9.10noarchlibtiff4< 3.8.2-13ubuntu0.3UNKNOWN
Ubuntu9.10noarchlibtiff-opengl< 3.8.2-13ubuntu0.3UNKNOWN
Ubuntu9.10noarchlibtiff-tools< 3.8.2-13ubuntu0.3UNKNOWN
Ubuntu9.10noarchlibtiff4-dev< 3.8.2-13ubuntu0.3UNKNOWN
Ubuntu9.10noarchlibtiffxx0c2< 3.8.2-13ubuntu0.3UNKNOWN
Ubuntu9.04noarchlibtiff4< 3.8.2-11ubuntu0.9.04.6UNKNOWN
Ubuntu9.04noarchlibtiff-opengl< 3.8.2-11ubuntu0.9.04.6UNKNOWN
Ubuntu9.04noarchlibtiff-tools< 3.8.2-11ubuntu0.9.04.6UNKNOWN
Ubuntu9.04noarchlibtiff4-dev< 3.8.2-11ubuntu0.9.04.6UNKNOWN
Ubuntu9.04noarchlibtiffxx0c2< 3.8.2-11ubuntu0.9.04.6UNKNOWN
Rows per page:
1-10 of 251

Related

nessus 31
openvas 40
securityvulns 3
slackware 1
fedora 7
prion 3
nvd 3
cvelist 3
debiancve 3
cve 3
osv 1
ubuntucve 4
freebsd 1
oraclelinux 2
debian 1
veracode 1
threatpost 1
centos 2
redhat 2
gentoo 1
kitploit 1
nessus
nessus
Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : tiff vulnerabilities (USN-954-1)
2010-06-22 00:00:00
Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 9.0 / 9.1 / current : libtiff (SSA:2010-180-02)
2010-07-01 00:00:00
Fedora 13 : libtiff-3.9.4-1.fc13 (2010-10334)
2010-07-02 00:00:00
openvas
openvas
Ubuntu Update for tiff vulnerabilities USN-954-1
2010-06-25 00:00:00
Ubuntu: Security Advisory (USN-954-1)
2010-06-25 00:00:00
Slackware: Security Advisory (SSA:2010-180-02)
2012-09-10 00:00:00
securityvulns
securityvulns
libtiff multiple security vulnerabilities
2010-06-29 00:00:00
[USN-954-1] tiff vulnerabilities
2010-06-23 00:00:00
iDefense Security Advisory 06.21.10: Multiple Vendor LibTIFF 3.9.2 Stack Buffer Overflow Vulnerability
2010-06-29 00:00:00
slackware
slackware
[slackware-security] libtiff
2010-06-30 06:40:02
fedora
fedora
[SECURITY] Fedora 12 Update: libtiff-3.9.4-1.fc12
2010-07-05 22:00:54
[SECURITY] Fedora 13 Update: libtiff-3.9.4-1.fc13
2010-07-01 18:43:16
[SECURITY] Fedora 13 Update: libtiff-3.9.4-4.fc13
2011-04-11 20:58:53
prion
prion
Integer overflow
2010-06-24 12:30:00
Integer overflow
2010-06-17 16:30:00
Stack overflow
2010-06-24 12:30:00
nvd
nvd
CVE-2010-2065
2010-06-24 12:30:01
CVE-2010-2067
2010-06-24 12:30:01
CVE-2010-1411
2010-06-17 16:30:01
cvelist
cvelist
CVE-2010-2067
2010-06-23 18:00:00
CVE-2010-1411
2010-06-17 16:00:00
CVE-2010-2065
2010-06-23 18:00:00
debiancve
debiancve
CVE-2010-2067
2010-06-24 12:30:01
CVE-2010-1411
2010-06-17 16:30:01
CVE-2010-2065
2010-06-24 12:30:01
cve
cve
CVE-2010-1411
2010-06-17 16:30:01
CVE-2010-2065
2010-06-24 12:30:01
CVE-2010-2067
2010-06-24 12:30:01
osv
osv
tiff - arbitrary code execution
2010-08-03 00:00:00
ubuntucve
ubuntucve
CVE-2010-2065
2010-06-13 00:00:00
CVE-2010-2067
2010-06-16 00:00:00
CVE-2010-1411
2010-06-13 00:00:00
freebsd
freebsd
tiff -- buffer overflow vulnerability
2010-04-15 00:00:00
oraclelinux
oraclelinux
libtiff security update
2010-07-08 00:00:00
libtiff security update
2010-07-08 00:00:00
debian
debian
[SECURITY] [DSA 2084-1] New tiff packages fix arbitrary code execution
2010-08-03 05:30:32
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:49:24
threatpost
threatpost
WebKit Security Flaws Haunt Apple iTunes
2010-06-17 14:44:15
centos
centos
libtiff security update
2010-08-16 20:25:13
libtiff security update
2010-07-14 22:28:07
redhat
redhat
(RHSA-2010:0520) Important: libtiff security update
2010-07-08 00:00:00
(RHSA-2010:0519) Important: libtiff security update
2010-07-08 00:00:00
gentoo
gentoo
libTIFF: Multiple vulnerabilities
2012-09-23 00:00:00
kitploit
kitploit
Radamsa - A General-Purpose Fuzzer
2024-03-25 11:30:00

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.051 Low

EPSS

Percentile

93.0%

JSON
Related for USN-954-1
nessus31openvas40securityvulns3slackware1fedora7prion3nvd3cvelist3debiancve3cve3osv1ubuntucve4freebsd1oraclelinux2debian1veracode1threatpost1centos2redhat2gentoo1kitploit1