Lucene search
PRIOn knowledge basePRION:CVE-2010-2443HistoryJun 24, 2010 - 5:30 p.m.
Null pointer dereference
2010-06-2417:30:00
PRIOn knowledge base
www.prio-n.com
4
The OJPEGReadBufferFill function in tif_ojpeg.c in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an OJPEG image with undefined strip offsets, related to the TIFFVGetField function.
| CPE | Name | Operator | Version |
|---|---|---|---|
| libtiff | eq | 3.4 beta29 | |
| libtiff | eq | 3.7.0 beta | |
| libtiff | eq | 3.6.0 beta2 | |
| libtiff | eq | 3.4 beta34 | |
| libtiff | eq | 3.6.1 | |
| libtiff | eq | 3.6.0 beta | |
| libtiff | eq | 3.8.0 | |
| libtiff | eq | 3.7.3 | |
| libtiff | eq | 3.4 beta32 | |
| libtiff | eq | 3.4 beta31 |
References
blogs.sun.com/security/entry/cve_2010_2065_cve_2010
secunia.com/advisories/50726
security.gentoo.org/glsa/glsa-201209-02.xml
www.remotesensing.org/libtiff/v3.9.3.html
www.vupen.com/english/advisories/2011/0204
bugs.launchpad.net/ubuntu/lucid/+source/tiff/+bug/589145
marc.info/?l=oss-security&m=127736307002102&w=2
marc.info/?l=oss-security&m=127781315415896&w=2
Related
cvelist
cvelist
CVE-2010-2443
2010-06-24 17:00:00
CVE-2010-2482
2010-07-06 14:00:00
cve
cve
CVE-2010-2443
2010-06-24 17:30:01
CVE-2010-2482
2010-07-06 17:17:13
nvd
nvd
CVE-2010-2443
2010-06-24 17:30:01
CVE-2010-2482
2010-07-06 17:17:13
debiancve
debiancve
CVE-2010-2443
2010-06-24 17:30:01
CVE-2010-2482
2010-07-06 17:17:13
ubuntucve
ubuntucve
CVE-2010-2443
2010-06-24 00:00:00
CVE-2010-2482
2010-07-06 00:00:00
prion
prion
Null pointer dereference
2010-07-06 17:17:00
nessus
nessus
Mandriva Linux Security Advisory : libtiff (MDVSA-2010:146)
2010-08-09 00:00:00
GLSA-201209-02 : libTIFF: Multiple vulnerabilities
2012-09-24 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201209-02 (tiff)
2012-09-26 00:00:00
Gentoo Security Advisory GLSA 201209-02 (tiff)
2012-09-26 00:00:00
gentoo
gentoo
libTIFF: Multiple vulnerabilities
2012-09-23 00:00:00
kitploit
kitploit
Radamsa - A General-Purpose Fuzzer
2024-03-25 11:30:00