Lucene search
Ubuntu.comUB:CVE-2010-2595HistoryJul 02, 2010 - 12:00 a.m.
CVE-2010-2595
2010-07-0200:00:00
ubuntu.com
ubuntu.com
9
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.024 Low
EPSS
Percentile
89.8%
The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in
ImageMagick, does not properly handle invalid ReferenceBlackWhite values,
which allows remote attackers to cause a denial of service (application
crash) via a crafted TIFF image that triggers an array index error, related
to “downsampled OJPEG input.”
Bugs
Related
prion
prion
Input validation
2010-07-02 12:43:00
debiancve
debiancve
CVE-2010-2595
2010-07-02 12:43:00
cve
cve
CVE-2010-2595
2010-07-02 12:43:00
altlinux
altlinux
Security fix for the ALT Linux 5 package libtiff version 3.9.4-alt5
2011-03-09 00:00:00
Security fix for the ALT Linux 10 package libtiff version 3.9.4-alt5
2011-03-09 00:00:00
Security fix for the ALT Linux 5 package libtiff version 3.9.5-alt1.M50P.1
2011-09-29 00:00:00
nessus
nessus
BlackBerry Enterprise Server PNG and TIFF Image Processing Vulnerabilities (KB27244)
2011-08-11 00:00:00
CentOS 4 / 5 : libtiff (CESA-2010:0519)
2010-07-16 00:00:00
Mandriva Linux Security Advisory : libtiff (MDVSA-2010:145)
2010-08-09 00:00:00
openvas
openvas
RedHat Update for libtiff RHSA-2010:0519-01
2010-07-12 00:00:00
RedHat Update for libtiff RHSA-2010:0519-01
2010-07-12 00:00:00
CentOS Update for libtiff CESA-2010:0519 centos5 i386
2011-08-09 00:00:00
oraclelinux
oraclelinux
libtiff security update
2010-07-08 00:00:00
redhat
redhat
(RHSA-2010:0519) Important: libtiff security update
2010-07-08 00:00:00
centos
centos
libtiff security update
2010-07-14 22:28:07
debian
debian
[SECURITY] [DSA 2552-1] tiff security update
2012-09-26 21:55:26
ubuntu
ubuntu
tiff regression
2011-03-15 00:00:00
tiff vulnerabilities
2011-03-07 00:00:00
osv
osv
tiff - several
2012-09-26 00:00:00
gentoo
gentoo
libTIFF: Multiple vulnerabilities
2012-09-23 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.024 Low
EPSS
Percentile
89.8%
Related for UB:CVE-2010-2595