Lucene search

[email protected]CVE-2013-1960

HistoryJul 03, 2013 - 6:55 p.m.

CVE-2013-1960

2013-07-0318:55:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2013-1960

nvd

libtiff

buffer overflow

t2p_process_jpeg_strip

denial of service

remote attack

arbitrary code execution

tiff image file

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.8 High

AI Score

Confidence

High

0.044 Low

EPSS

Percentile

92.5%

JSON

Heap-based buffer overflow in the t2p_process_jpeg_strip function in tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image file.

Affected configurations

NVD

Node

remotesensinglibtiffRange≤4.0.3

remotesensinglibtiffMatch3.4

remotesensinglibtiffMatch3.4beta18

remotesensinglibtiffMatch3.4beta24

remotesensinglibtiffMatch3.4beta28

remotesensinglibtiffMatch3.4beta29

remotesensinglibtiffMatch3.4beta31

remotesensinglibtiffMatch3.4beta32

remotesensinglibtiffMatch3.4beta34

remotesensinglibtiffMatch3.4beta35

remotesensinglibtiffMatch3.4beta36

remotesensinglibtiffMatch3.4beta37

remotesensinglibtiffMatch3.5.1

remotesensinglibtiffMatch3.5.2

remotesensinglibtiffMatch3.5.3

remotesensinglibtiffMatch3.5.4

remotesensinglibtiffMatch3.5.5

remotesensinglibtiffMatch3.5.6

remotesensinglibtiffMatch3.5.6beta

remotesensinglibtiffMatch3.5.7

remotesensinglibtiffMatch3.5.7alpha

remotesensinglibtiffMatch3.5.7alpha2

remotesensinglibtiffMatch3.5.7alpha3

remotesensinglibtiffMatch3.5.7alpha4

remotesensinglibtiffMatch3.5.7beta

remotesensinglibtiffMatch3.6.0

remotesensinglibtiffMatch3.6.0beta

remotesensinglibtiffMatch3.6.0beta2

remotesensinglibtiffMatch3.6.1

remotesensinglibtiffMatch3.7.0

remotesensinglibtiffMatch3.7.0alpha

remotesensinglibtiffMatch3.7.0beta

remotesensinglibtiffMatch3.7.0beta2

remotesensinglibtiffMatch3.7.1

remotesensinglibtiffMatch3.7.2

remotesensinglibtiffMatch3.7.3

remotesensinglibtiffMatch3.7.4

remotesensinglibtiffMatch3.8.0

remotesensinglibtiffMatch3.8.1

remotesensinglibtiffMatch3.8.2

remotesensinglibtiffMatch3.9.0

remotesensinglibtiffMatch3.9.0beta

remotesensinglibtiffMatch3.9.1

remotesensinglibtiffMatch3.9.2

remotesensinglibtiffMatch3.9.3

remotesensinglibtiffMatch3.9.4

remotesensinglibtiffMatch4.0.0

remotesensinglibtiffMatch4.0.1

remotesensinglibtiffMatch4.0.2

CPENameOperatorVersion
remotesensing:libtiffremotesensing libtiffle4.0.3
remotesensing:libtiffremotesensing libtiffeq3.4
remotesensing:libtiffremotesensing libtiffeq3.5.1
remotesensing:libtiffremotesensing libtiffeq3.5.2
remotesensing:libtiffremotesensing libtiffeq3.5.3
remotesensing:libtiffremotesensing libtiffeq3.5.4
remotesensing:libtiffremotesensing libtiffeq3.5.5
remotesensing:libtiffremotesensing libtiffeq3.5.6
remotesensing:libtiffremotesensing libtiffeq3.5.7
remotesensing:libtiffremotesensing libtiffeq3.6.0

CPE	Name	Operator	Version
remotesensing:libtiff	remotesensing libtiff	le	4.0.3
remotesensing:libtiff	remotesensing libtiff	eq	3.4
remotesensing:libtiff	remotesensing libtiff	eq	3.5.1
remotesensing:libtiff	remotesensing libtiff	eq	3.5.2
remotesensing:libtiff	remotesensing libtiff	eq	3.5.3
remotesensing:libtiff	remotesensing libtiff	eq	3.5.4
remotesensing:libtiff	remotesensing libtiff	eq	3.5.5
remotesensing:libtiff	remotesensing libtiff	eq	3.5.6
remotesensing:libtiff	remotesensing libtiff	eq	3.5.7
remotesensing:libtiff	remotesensing libtiff	eq	3.6.0