Lucene search

[email protected]CVE-2010-2443

HistoryJun 24, 2010 - 5:30 p.m.

CVE-2010-2443

2010-06-2417:30:01

[email protected]

web.nvd.nist.gov

libtiff

cve-2010-2443

ojpegreadbufferfill

denial of service

remote attackers

null pointer dereference

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

8.8 High

AI Score

Confidence

High

0.05 Low

EPSS

Percentile

92.9%

JSON

The OJPEGReadBufferFill function in tif_ojpeg.c in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an OJPEG image with undefined strip offsets, related to the TIFFVGetField function.

Affected configurations

NVD

Node

libtifflibtiffRange≤3.9.2

libtifflibtiffMatch3.4

libtifflibtiffMatch3.4beta18

libtifflibtiffMatch3.4beta24

libtifflibtiffMatch3.4beta28

libtifflibtiffMatch3.4beta29

libtifflibtiffMatch3.4beta31

libtifflibtiffMatch3.4beta32

libtifflibtiffMatch3.4beta34

libtifflibtiffMatch3.4beta35

libtifflibtiffMatch3.4beta36

libtifflibtiffMatch3.4beta37

libtifflibtiffMatch3.5.1

libtifflibtiffMatch3.5.2

libtifflibtiffMatch3.5.3

libtifflibtiffMatch3.5.4

libtifflibtiffMatch3.5.5

libtifflibtiffMatch3.5.6

libtifflibtiffMatch3.5.6beta

libtifflibtiffMatch3.5.7

libtifflibtiffMatch3.5.7alpha

libtifflibtiffMatch3.5.7alpha2

libtifflibtiffMatch3.5.7alpha3

libtifflibtiffMatch3.5.7alpha4

libtifflibtiffMatch3.5.7beta

libtifflibtiffMatch3.6.0

libtifflibtiffMatch3.6.0beta

libtifflibtiffMatch3.6.0beta2

libtifflibtiffMatch3.6.1

libtifflibtiffMatch3.7.0

libtifflibtiffMatch3.7.0alpha

libtifflibtiffMatch3.7.0beta

libtifflibtiffMatch3.7.0beta2

libtifflibtiffMatch3.7.1

libtifflibtiffMatch3.7.2

libtifflibtiffMatch3.7.3

libtifflibtiffMatch3.7.4

libtifflibtiffMatch3.8.0

libtifflibtiffMatch3.8.1

libtifflibtiffMatch3.8.2

libtifflibtiffMatch3.9

libtifflibtiffMatch3.9.0

libtifflibtiffMatch3.9.0beta

libtifflibtiffMatch3.9.1

CPENameOperatorVersion
libtiff:libtifflibtiffle3.9.2
libtiff:libtifflibtiffeq3.4
libtiff:libtifflibtiffeq3.5.1
libtiff:libtifflibtiffeq3.5.2
libtiff:libtifflibtiffeq3.5.3
libtiff:libtifflibtiffeq3.5.4
libtiff:libtifflibtiffeq3.5.5
libtiff:libtifflibtiffeq3.5.6
libtiff:libtifflibtiffeq3.5.7
libtiff:libtifflibtiffeq3.6.0

CPE	Name	Operator	Version
libtiff:libtiff	libtiff	le	3.9.2
libtiff:libtiff	libtiff	eq	3.4
libtiff:libtiff	libtiff	eq	3.5.1
libtiff:libtiff	libtiff	eq	3.5.2
libtiff:libtiff	libtiff	eq	3.5.3
libtiff:libtiff	libtiff	eq	3.5.4
libtiff:libtiff	libtiff	eq	3.5.5
libtiff:libtiff	libtiff	eq	3.5.6
libtiff:libtiff	libtiff	eq	3.5.7
libtiff:libtiff	libtiff	eq	3.6.0