Lucene search
Ubuntu.comUB:CVE-2012-2113HistoryJun 22, 2012 - 12:00 a.m.
CVE-2012-2113
2012-06-2200:00:00
ubuntu.com
ubuntu.com
10
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.043 Low
EPSS
Percentile
92.2%
Multiple integer overflows in tiff2pdf in libtiff before 4.0.2 allow remote
attackers to cause a denial of service (application crash) or possibly
execute arbitrary code via a crafted tiff image, which triggers a
heap-based buffer overflow.
Bugs
- <https://bugzilla.redhat.com/show_bug.cgi?id=810551>
- <https://bugs.launchpad.net/ubuntu/+source/tiff/+bug/1016324>
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=678140>
Notes
| Author | Note |
|---|---|
| mdeslaur | can be reproduced with CVE-2012-1173 reproducer with “tiff2pdf poc.tif” |
Related
securityvulns
securityvulns
libtiff library integer overflow
2012-07-09 00:00:00
[ MDVSA-2012:054 ] libtiff
2012-04-09 00:00:00
[ MDVSA-2012:101 ] libtiff
2012-07-09 00:00:00
openvas
openvas
Fedora Update for libtiff FEDORA-2012-10089
2012-07-16 00:00:00
Fedora Update for libtiff FEDORA-2012-10089
2012-07-16 00:00:00
Fedora Update for libtiff FEDORA-2012-10978
2012-08-14 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: libtiff-3.9.6-1.fc16
2012-07-15 21:25:53
[SECURITY] Fedora 16 Update: libtiff-3.9.6-2.fc16
2012-08-09 23:17:58
[SECURITY] Fedora 16 Update: libtiff-3.9.5-3.fc16
2012-04-22 03:27:04
cve
cve
CVE-2012-2113
2012-07-22 17:55:00
CVE-2012-1173
2012-06-04 20:55:00
prion
prion
Integer overflow
2012-07-22 17:55:00
Integer overflow
2012-06-04 20:55:00
nessus
nessus
CentOS 5 / 6 : libtiff (CESA-2012:0468)
2012-04-11 00:00:00
Fedora 16 : libtiff-3.9.5-3.fc16 (2012-5410)
2012-04-23 00:00:00
openSUSE Security Update : tiff (openSUSE-SU-2012:0539-1)
2014-06-13 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package libtiff version 3.9.6-alt1
2012-04-08 00:00:00
Security fix for the ALT Linux 10 package libtiff version 3.9.6-alt3
2012-08-27 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2018-10-04 04:47:21
Denial Of Service (DoS) And Remote Code Execution (RCE)
2019-05-02 04:42:18
centos
centos
libtiff security update
2012-04-10 21:10:32
libtiff security update
2012-07-03 13:30:55
oraclelinux
oraclelinux
libtiff security update
2012-04-10 00:00:00
libtiff security update
2012-07-03 00:00:00
debian
debian
[SECURITY] [DSA 2447-1] tiff security update
2012-04-04 20:00:29
[SECURITY] [DSA 2552-1] tiff security update
2012-09-26 21:55:26
debiancve
debiancve
CVE-2012-2113
2012-07-22 17:55:00
CVE-2012-1173
2012-06-04 20:55:00
redhat
redhat
(RHSA-2012:0468) Important: libtiff security update
2012-04-10 00:00:00
(RHSA-2012:1054) Important: libtiff security update
2012-07-03 00:00:00
slackware
slackware
[slackware-security] libtiff
2012-04-04 17:44:30
[slackware-security] libtiff
2013-10-18 19:38:32
amazon
amazon
Important: libtiff
2012-04-30 14:43:00
Important: libtiff
2012-07-06 16:18:00
ubuntucve
ubuntucve
CVE-2012-1173
2012-04-04 00:00:00
zdi
zdi
LibTIFF TileSize Parsing Remote Code Execution Vulnerability
2012-03-13 00:00:00
ubuntu
ubuntu
tiff vulnerabilities
2012-07-05 00:00:00
tiff vulnerabilities
2012-04-04 00:00:00
suse
suse
Security update for libtiff (important)
2012-07-19 22:08:33
f5
f5
SOL15863 - Libtiff vulnerabilities CVE-2012-1173 and CVE-2012-2088
2014-11-25 00:00:00
K15863 : Libtiff vulnerabilities CVE-2012-1173 and CVE-2012-2088
2015-01-30 00:00:00
osv
osv
tiff - several
2012-09-26 00:00:00
gentoo
gentoo
libTIFF: Multiple vulnerabilities
2012-09-23 00:00:00
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.043 Low
EPSS
Percentile
92.2%
Related for UB:CVE-2012-2113