Lucene search

[email protected]CVE-2013-4243

HistorySep 10, 2013 - 7:55 p.m.

CVE-2013-4243

2013-09-1019:55:11

CWE-119

[email protected]

web.nvd.nist.gov

security

vulnerability

libtiff

buffer overflow

heap-based

nvd

cve-2013-4243

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

9.1 High

AI Score

Confidence

High

0.035 Low

EPSS

Percentile

91.6%

JSON

Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted height and width values in a GIF image.

Affected configurations

NVD

Node

libtifflibtiffRange≤4.0.3

libtifflibtiffMatch3.4

libtifflibtiffMatch3.4beta18

libtifflibtiffMatch3.4beta24

libtifflibtiffMatch3.4beta28

libtifflibtiffMatch3.4beta29

libtifflibtiffMatch3.4beta31

libtifflibtiffMatch3.4beta32

libtifflibtiffMatch3.4beta34

libtifflibtiffMatch3.4beta35

libtifflibtiffMatch3.4beta36

libtifflibtiffMatch3.4beta37

libtifflibtiffMatch3.5.1

libtifflibtiffMatch3.5.2

libtifflibtiffMatch3.5.3

libtifflibtiffMatch3.5.4

libtifflibtiffMatch3.5.5

libtifflibtiffMatch3.5.6

libtifflibtiffMatch3.5.6beta

libtifflibtiffMatch3.5.7

libtifflibtiffMatch3.5.7alpha

libtifflibtiffMatch3.5.7alpha2

libtifflibtiffMatch3.5.7alpha3

libtifflibtiffMatch3.5.7alpha4

libtifflibtiffMatch3.5.7beta

libtifflibtiffMatch3.6.0

libtifflibtiffMatch3.6.0beta

libtifflibtiffMatch3.6.0beta2

libtifflibtiffMatch3.6.1

libtifflibtiffMatch3.7.0

libtifflibtiffMatch3.7.0alpha

libtifflibtiffMatch3.7.0beta

libtifflibtiffMatch3.7.0beta2

libtifflibtiffMatch3.7.1

libtifflibtiffMatch3.7.2

libtifflibtiffMatch3.7.3

libtifflibtiffMatch3.7.4

libtifflibtiffMatch3.8.0

libtifflibtiffMatch3.8.1

libtifflibtiffMatch3.8.2

libtifflibtiffMatch3.9

libtifflibtiffMatch3.9.0

libtifflibtiffMatch3.9.0beta

libtifflibtiffMatch3.9.1

libtifflibtiffMatch3.9.2

libtifflibtiffMatch3.9.2-5.2.1

libtifflibtiffMatch3.9.3

libtifflibtiffMatch3.9.4

libtifflibtiffMatch3.9.5

libtifflibtiffMatch4.0

libtifflibtiffMatch4.0alpha

libtifflibtiffMatch4.0beta1

libtifflibtiffMatch4.0beta2

libtifflibtiffMatch4.0beta3

libtifflibtiffMatch4.0beta4

libtifflibtiffMatch4.0beta5

libtifflibtiffMatch4.0beta6

libtifflibtiffMatch4.0.1

libtifflibtiffMatch4.0.2

AND

debiandebian_linuxMatch6.0

debiandebian_linuxMatch7.0

CPENameOperatorVersion
libtiff:libtifflibtiffle4.0.3
libtiff:libtifflibtiffeq3.4
libtiff:libtifflibtiffeq3.5.1
libtiff:libtifflibtiffeq3.5.2
libtiff:libtifflibtiffeq3.5.3
libtiff:libtifflibtiffeq3.5.4
libtiff:libtifflibtiffeq3.5.5
libtiff:libtifflibtiffeq3.5.6
libtiff:libtifflibtiffeq3.5.7
libtiff:libtifflibtiffeq3.6.0

CPE	Name	Operator	Version
libtiff:libtiff	libtiff	le	4.0.3
libtiff:libtiff	libtiff	eq	3.4
libtiff:libtiff	libtiff	eq	3.5.1
libtiff:libtiff	libtiff	eq	3.5.2
libtiff:libtiff	libtiff	eq	3.5.3
libtiff:libtiff	libtiff	eq	3.5.4
libtiff:libtiff	libtiff	eq	3.5.5
libtiff:libtiff	libtiff	eq	3.5.6
libtiff:libtiff	libtiff	eq	3.5.7
libtiff:libtiff	libtiff	eq	3.6.0