Lucene search

[email protected]CVE-2012-4447

HistoryOct 28, 2012 - 3:55 p.m.

CVE-2012-4447

2012-10-2815:55:01

CWE-119

[email protected]

web.nvd.nist.gov

cve-2012-4447

nvd

denial of service

remote attackers

arbitrary code

tiff image

pixarlog compression format

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.037 Low

EPSS

Percentile

91.8%

JSON

Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format.

Affected configurations

NVD

Node

libtifflibtiffRange≤4.0.2

libtifflibtiffMatch3.4

libtifflibtiffMatch3.4beta18

libtifflibtiffMatch3.4beta24

libtifflibtiffMatch3.4beta28

libtifflibtiffMatch3.4beta29

libtifflibtiffMatch3.4beta31

libtifflibtiffMatch3.4beta32

libtifflibtiffMatch3.4beta34

libtifflibtiffMatch3.4beta35

libtifflibtiffMatch3.4beta36

libtifflibtiffMatch3.4beta37

libtifflibtiffMatch3.5.1

libtifflibtiffMatch3.5.2

libtifflibtiffMatch3.5.3

libtifflibtiffMatch3.5.4

libtifflibtiffMatch3.5.5

libtifflibtiffMatch3.5.6

libtifflibtiffMatch3.5.6beta

libtifflibtiffMatch3.5.7

libtifflibtiffMatch3.5.7alpha

libtifflibtiffMatch3.5.7alpha2

libtifflibtiffMatch3.5.7alpha3

libtifflibtiffMatch3.5.7alpha4

libtifflibtiffMatch3.5.7beta

libtifflibtiffMatch3.6.0

libtifflibtiffMatch3.6.0beta

libtifflibtiffMatch3.6.0beta2

libtifflibtiffMatch3.6.1

libtifflibtiffMatch3.7.0

libtifflibtiffMatch3.7.0alpha

libtifflibtiffMatch3.7.0beta

libtifflibtiffMatch3.7.0beta2

libtifflibtiffMatch3.7.1

libtifflibtiffMatch3.7.2

libtifflibtiffMatch3.7.3

libtifflibtiffMatch3.7.4

libtifflibtiffMatch3.8.0

libtifflibtiffMatch3.8.1

libtifflibtiffMatch3.8.2

libtifflibtiffMatch3.9

libtifflibtiffMatch3.9.0

libtifflibtiffMatch3.9.0beta

libtifflibtiffMatch3.9.1

libtifflibtiffMatch3.9.2

libtifflibtiffMatch3.9.2-5.2.1

libtifflibtiffMatch3.9.3

libtifflibtiffMatch3.9.4

libtifflibtiffMatch3.9.5

libtifflibtiffMatch4.0

libtifflibtiffMatch4.0alpha

libtifflibtiffMatch4.0beta1

libtifflibtiffMatch4.0beta2

libtifflibtiffMatch4.0beta3

libtifflibtiffMatch4.0beta4

libtifflibtiffMatch4.0beta5

libtifflibtiffMatch4.0beta6

libtifflibtiffMatch4.0.1

CPENameOperatorVersion
libtiff:libtifflibtiffle4.0.2
libtiff:libtifflibtiffeq3.4
libtiff:libtifflibtiffeq3.5.1
libtiff:libtifflibtiffeq3.5.2
libtiff:libtifflibtiffeq3.5.3
libtiff:libtifflibtiffeq3.5.4
libtiff:libtifflibtiffeq3.5.5
libtiff:libtifflibtiffeq3.5.6
libtiff:libtifflibtiffeq3.5.7
libtiff:libtifflibtiffeq3.6.0

CPE	Name	Operator	Version
libtiff:libtiff	libtiff	le	4.0.2
libtiff:libtiff	libtiff	eq	3.4
libtiff:libtiff	libtiff	eq	3.5.1
libtiff:libtiff	libtiff	eq	3.5.2
libtiff:libtiff	libtiff	eq	3.5.3
libtiff:libtiff	libtiff	eq	3.5.4
libtiff:libtiff	libtiff	eq	3.5.5
libtiff:libtiff	libtiff	eq	3.5.6
libtiff:libtiff	libtiff	eq	3.5.7
libtiff:libtiff	libtiff	eq	3.6.0