CVE-2009-2347

Summary: Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large (1) width and (2) height values, which triggers a heap-based buffer overflow in the (a) cvt_whole_image function in tiff2rgba and (b) tiffcvt function in rgb2ycbcr.

Published: 2009-07-14T16:30:00.377-04:00
Last modified: 2017-09-18T21:29:03.997-04:00

Vulnerable software (CPE):
  cpe:/a:libtiff:libtiff:3.8.0
  cpe:/a:libtiff:libtiff:3.8.1
  cpe:/a:libtiff:libtiff:3.8.2
  cpe:/a:libtiff:libtiff:3.9
  cpe:/a:libtiff:libtiff:4.0

CVSS:
  Score: 9.3
  Access vector: NETWORK
  Access complexity: MEDIUM
  Authentication: NONE
  Confidentiality impact: COMPLETE
  Integrity impact: COMPLETE
  Availability impact: COMPLETE
  Source: http://nvd.nist.gov
  Generated: 2009-07-15T08:54:00.000-04:00

References:
  SECTRACK 1022539
  BUGTRAQ 20090713 [oCERT-2009-012] libtiff tools integer overflows
  BID 35652
  SECUNIA 35811
  SECUNIA 35817
  SECUNIA 35866
  SECUNIA 35883
  SECUNIA 35911
  SECUNIA 36194
  SECUNIA 50726
  OSVDB 55821
  OSVDB 55822
  VUPEN ADV-2009-1870
  VUPEN ADV-2011-0621
  DEBIAN DSA-1835
  FEDORA FEDORA-2009-7724
  FEDORA FEDORA-2009-7775
  GENTOO GLSA-200908-03
  GENTOO GLSA-201209-02
  MANDRIVA MDVSA-2009:150
  MANDRIVA MDVSA-2011:043
  REDHAT RHSA-2009:1159
  UBUNTU USN-801-1
  CONFIRM http://article.gmane.org/gmane.linux.debian.devel.changes.unstable/178563/
  CONFIRM http://bugzilla.maptools.org/show_bug.cgi?id=2079
  MISC http://www.ocert.org/advisories/ocert-2009-012.html
  CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-2347
  XF libtiff-rgb2ycbcr-tiff2rgba-bo(51688)