Lucene search
GoogleOSV:DSA-2561-1HistoryOct 21, 2012 - 12:00 a.m.
tiff - buffer overflow
2012-10-2100:00:00
Google
osv.dev
12
0.037 Low
EPSS
Percentile
91.8%
It was discovered that a buffer overflow in libtiff’s parsing of files
using PixarLog compression could lead to the execution of arbitrary
code.
For the stable distribution (squeeze), this problem has been fixed in
version 3.9.4-5+squeeze6.
For the testing distribution (wheezy) and the unstable distribution
(sid), this problem has been fixed in version 3.9.6-9 of the tiff3
source package and in version 4.0.2-4 of the tiff source package.
We recommend that you upgrade your tiff packages.
| CPE | Name | Operator | Version |
|---|---|---|---|
| tiff | eq | 3.9.4-5+squeeze1 | |
| tiff | eq | 3.9.4-5 | |
| tiff | eq | 3.9.4-5+squeeze5 | |
| tiff | eq | 3.9.4-5+squeeze3 | |
| tiff | eq | 3.9.4-5+squeeze2 | |
| tiff | eq | 3.9.4-5+squeeze4 |
References
Related
nessus
nessus
Debian DSA-2561-1 : tiff - buffer overflow
2012-10-22 00:00:00
BlackBerry Enterprise Server TIFF Image Processing Vulnerabilities (KB33425)
2013-03-21 00:00:00
Mandriva Linux Security Advisory : libtiff (MDVSA-2012:174)
2012-11-23 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2561-1)
2012-10-29 00:00:00
Debian Security Advisory DSA 2561-1 (tiff)
2012-10-29 00:00:00
Mandriva Update for libtiff MDVSA-2012:174 (libtiff)
2012-11-23 00:00:00
prion
prion
Heap overflow
2012-10-28 15:55:00
cvelist
cvelist
CVE-2012-4447
2012-10-28 15:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2561-1] tiff security update
2012-10-28 00:00:00
libtiff buffer overflow
2012-11-18 00:00:00
cve
cve
CVE-2012-4447
2012-10-28 15:55:01
nvd
nvd
CVE-2012-4447
2012-10-28 15:55:01
debiancve
debiancve
CVE-2012-4447
2012-10-28 15:55:01
debian
debian
[SECURITY] [DSA 2561-1] tiff security update
2012-10-21 16:03:07
ubuntucve
ubuntucve
CVE-2012-4447
2012-10-28 00:00:00
ubuntu
ubuntu
LibTIFF vulnerabilities
2012-11-15 00:00:00
veracode
veracode
Denial Of Service (DoS) And Remote Code Execution (RCE)
2019-05-02 04:42:00
Denial Of Service (DoS) And Remote Code Execution (RCE)
2019-05-02 04:42:00
Denial Of Service (DoS) And Remote Code Execution (RCE)
2019-05-02 04:42:00
oraclelinux
oraclelinux
libtiff security update
2012-12-18 00:00:00
amazon
amazon
Medium: libtiff
2012-12-20 13:55:00
fedora
fedora
[SECURITY] Fedora 18 Update: libtiff-4.0.3-2.fc18
2013-01-12 00:28:00
[SECURITY] Fedora 18 Update: libtiff-4.0.3-6.fc18
2013-05-14 01:23:41
[SECURITY] Fedora 17 Update: libtiff-3.9.7-1.fc17
2012-12-31 03:28:09
centos
centos
libtiff security update
2012-12-19 01:20:39
redhat
redhat
(RHSA-2012:1590) Moderate: libtiff security update
2012-12-18 00:00:00
gentoo
gentoo
libTIFF: Multiple vulnerabilities
2014-02-21 00:00:00
slackware
slackware
[slackware-security] libtiff
2013-10-18 19:38:32