Lucene search
Ubuntu.comUB:CVE-2012-4447HistoryOct 28, 2012 - 12:00 a.m.
CVE-2012-4447
2012-10-2800:00:00
ubuntu.com
ubuntu.com
14
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.044 Low
EPSS
Percentile
92.3%
Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 allows
remote attackers to cause a denial of service (application crash) and
possibly execute arbitrary code via a crafted TIFF image using the PixarLog
Compression format.
Bugs
- <https://bugzilla.redhat.com/show_bug.cgi?id=860198>
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688944>
Notes
| Author | Note |
|---|---|
| mdeslaur | as of 2012-10-05, patch may be incomplete. See oss-security discussion. incomplete fix in 4.0.2 |
Related
openvas
openvas
Debian Security Advisory DSA 2561-1 (tiff)
2012-10-29 00:00:00
Debian: Security Advisory (DSA-2561-1)
2012-10-29 00:00:00
Mandriva Update for libtiff MDVSA-2012:174 (libtiff)
2012-11-23 00:00:00
prion
prion
Heap overflow
2012-10-28 15:55:00
nessus
nessus
Debian DSA-2561-1 : tiff - buffer overflow
2012-10-22 00:00:00
BlackBerry Enterprise Server TIFF Image Processing Vulnerabilities (KB33425)
2013-03-21 00:00:00
Mandriva Linux Security Advisory : libtiff (MDVSA-2012:174)
2012-11-23 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2561-1] tiff security update
2012-10-28 00:00:00
libtiff buffer overflow
2012-11-18 00:00:00
osv
osv
tiff - buffer overflow
2012-10-21 00:00:00
debian
debian
[SECURITY] [DSA 2561-1] tiff security update
2012-10-21 16:03:07
cve
cve
CVE-2012-4447
2012-10-28 15:55:00
debiancve
debiancve
CVE-2012-4447
2012-10-28 15:55:00
ubuntu
ubuntu
LibTIFF vulnerabilities
2012-11-15 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: libtiff-4.0.3-2.fc18
2013-01-12 00:28:00
[SECURITY] Fedora 18 Update: libtiff-4.0.3-6.fc18
2013-05-14 01:23:41
[SECURITY] Fedora 17 Update: libtiff-3.9.7-1.fc17
2012-12-31 03:28:09
amazon
amazon
Medium: libtiff
2012-12-20 13:55:00
veracode
veracode
Denial Of Service (DoS) And Remote Code Execution (RCE)
2019-05-02 04:42:00
Denial Of Service (DoS) And Remote Code Execution (RCE)
2019-05-02 04:42:00
Denial Of Service (DoS) And Remote Code Execution (RCE)
2019-05-02 04:42:00
redhat
redhat
(RHSA-2012:1590) Moderate: libtiff security update
2012-12-18 00:00:00
oraclelinux
oraclelinux
libtiff security update
2012-12-18 00:00:00
centos
centos
libtiff security update
2012-12-19 01:20:39
gentoo
gentoo
libTIFF: Multiple vulnerabilities
2014-02-21 00:00:00
slackware
slackware
[slackware-security] libtiff
2013-10-18 19:38:32
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.044 Low
EPSS
Percentile
92.3%
Related for UB:CVE-2012-4447