[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2009-2285Date: (C)2009-07-01   (M)2024-02-22


Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.3
Exploit Score: 8.6
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
  
Reference:
SUNALERT-267808
SECUNIA-35695
SECUNIA-35716
SECUNIA-35866
SECUNIA-35883
SECUNIA-35912
SECUNIA-36194
SECUNIA-36831
SECUNIA-38241
SECUNIA-39135
ADV-2009-1637
ADV-2009-2727
ADV-2009-3184
ADV-2010-0173
APPLE-SA-2009-11-09-1
APPLE-SA-2010-01-19-1
APPLE-SA-2010-02-02-1
APPLE-SA-2010-03-11-1
APPLE-SA-2010-03-30-2
DSA-1835
FEDORA-2009-7335
FEDORA-2009-7358
FEDORA-2009-7417
FEDORA-2009-7717
FEDORA-2009-7763
GLSA-200908-03
RHSA-2009:1159
USN-797-1
http://www.openwall.com/lists/oss-security/2009/06/22/1
http://www.openwall.com/lists/oss-security/2009/06/23/1
http://www.openwall.com/lists/oss-security/2009/06/29/5
http://bugzilla.maptools.org/show_bug.cgi?id=2065
http://support.apple.com/kb/HT3937
http://support.apple.com/kb/HT4004
http://support.apple.com/kb/HT4013
http://support.apple.com/kb/HT4070
http://support.apple.com/kb/HT4105
http://www.lan.st/showthread.php?t=1856&page=3
https://bugs.launchpad.net/ubuntu/+source/tiff/+bug/380149
oval:org.mitre.oval:def:10145
oval:org.mitre.oval:def:7049

CPE    1
cpe:/a:libtiff:libtiff:3.8.2
CWE    1
CWE-119
OVAL    25
oval:org.secpod.oval:def:700322
oval:org.secpod.oval:def:200549
oval:org.secpod.oval:def:202090
oval:org.secpod.oval:def:102125
...

© SecPod Technologies