Lucene search

K
ubuntucveUbuntu.comUB:CVE-2011-0192
HistoryMar 02, 2011 - 12:00 a.m.

CVE-2011-0192

2011-03-0200:00:00
ubuntu.com
ubuntu.com
25

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.048

Percentile

92.7%

Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions,
as used in ImageIO in Apple iTunes before 10.2 on Windows and other
products, allows remote attackers to execute arbitrary code or cause a
denial of service (application crash) via a crafted TIFF Internet Fax image
file that has been compressed using CCITT Group 4 encoding, related to the
EXPAND2D macro in libtiff/tif_fax3.h. NOTE: some of these details are
obtained from third party information.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchtiff< 3.7.4-1ubuntu3.9UNKNOWN
ubuntu8.04noarchtiff< 3.8.2-7ubuntu3.7UNKNOWN
ubuntu9.10noarchtiff< 3.8.2-13ubuntu0.4UNKNOWN
ubuntu10.04noarchtiff< 3.9.2-2ubuntu0.4UNKNOWN
ubuntu10.10noarchtiff< 3.9.4-2ubuntu0.1UNKNOWN

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.048

Percentile

92.7%