2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2010-2065" ,
"sourceIdentifier" : "secalert@redhat.com" ,
"published" : "2010-06-24T12:30:01.813" ,
"lastModified" : "2013-05-15T03:09:42.163" ,
"vulnStatus" : "Modified" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow."
} ,
{
"lang" : "es" ,
"value" : "Desbordamiento de enteros en la marco TIFFroundup macro en LibTIFF anterior v3.9.3 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda aplicaci\u00f3n) o probablemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero TIFF manipulado que provoca un desbordamiento de b\u00fafer. \r\n"
}
] ,
"metrics" : {
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P" ,
"accessVector" : "NETWORK" ,
"accessComplexity" : "MEDIUM" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "PARTIAL" ,
"integrityImpact" : "PARTIAL" ,
"availabilityImpact" : "PARTIAL" ,
"baseScore" : 6.8
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 8.6 ,
"impactScore" : 6.4 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : true
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-189"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "3.9.2" ,
"matchCriteriaId" : "7989761F-DFF4-4122-95A5-8318AAFEB7B8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "CCA5EEB8-9D2C-49A9-BB08-CE5017B79D81"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.4:beta18:*:*:*:*:*:*" ,
"matchCriteriaId" : "A0FB4929-8937-458C-88F0-E0484F84F921"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.4:beta24:*:*:*:*:*:*" ,
"matchCriteriaId" : "10457960-162A-443D-91D0-2857DCEB5B62"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.4:beta28:*:*:*:*:*:*" ,
"matchCriteriaId" : "157D32AA-0783-4316-A8AA-1F4063B31C9B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.4:beta29:*:*:*:*:*:*" ,
"matchCriteriaId" : "1C3379CF-499D-46CA-90DF-11F4CB7F4FC0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.4:beta31:*:*:*:*:*:*" ,
"matchCriteriaId" : "52D44C48-E6DE-4E37-920F-7591771C7A39"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.4:beta32:*:*:*:*:*:*" ,
"matchCriteriaId" : "08C0C0E9-6338-4320-BACF-B10939E53FA3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.4:beta34:*:*:*:*:*:*" ,
"matchCriteriaId" : "C19CD7D3-036D-41E1-9E61-B274D079ACAE"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.4:beta35:*:*:*:*:*:*" ,
"matchCriteriaId" : "1A8470B2-2D9F-4507-85CB-2702555F7146"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.4:beta36:*:*:*:*:*:*" ,
"matchCriteriaId" : "09FF2649-4998-479D-9FC5-9C749BA12E5D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.4:beta37:*:*:*:*:*:*" ,
"matchCriteriaId" : "F304C7D0-7CA3-42D4-AB9F-382AA418E781"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.5.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "261FAE51-5207-4136-9FFE-2330A281266C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.5.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B32C83B9-F7DA-450A-A687-9A73734CD712"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.5.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9485283A-B73E-4567-914A-42A86F5FFCB4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.5.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "95892168-0FB6-4E3F-9303-2F9B3CF60D2B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.5.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A5021564-5E0A-4DDC-BC68-200B6050043E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.5.6:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "11C50750-FE1D-42BA-9125-7D8E872AA2DB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.5.6:beta:*:*:*:*:*:*" ,
"matchCriteriaId" : "C92B050F-30C7-421B-8556-9CC1A6D457B9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.5.7:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "19AA66E5-FDDD-4243-B945-DFEBDD25F258"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.5.7:alpha:*:*:*:*:*:*" ,
"matchCriteriaId" : "38D31C28-1DB2-454F-AF44-9898106FF5E6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.5.7:alpha2:*:*:*:*:*:*" ,
"matchCriteriaId" : "4DCCA926-3993-4CE2-A3CB-B9FE2A1991F5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.5.7:alpha3:*:*:*:*:*:*" ,
"matchCriteriaId" : "E68FD79C-D26E-4B86-A22C-96FC60438EFF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.5.7:alpha4:*:*:*:*:*:*" ,
"matchCriteriaId" : "1EC9867E-0FC3-4D93-8166-DA17ED88D199"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.5.7:beta:*:*:*:*:*:*" ,
"matchCriteriaId" : "1397747F-8A50-47B3-8164-221650080F76"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.6.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "62F359CD-5DC4-4919-B8E1-95BDDBD27EFC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.6.0:beta:*:*:*:*:*:*" ,
"matchCriteriaId" : "65173C5E-B3D8-4428-8600-C3B34E3BB789"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.6.0:beta2:*:*:*:*:*:*" ,
"matchCriteriaId" : "0E99997F-033C-42FE-BCE8-CAC329DAFFAA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.6.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D2C8C550-3313-4266-B4B3-E9E9047CFE04"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.7.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "ABEEBA7B-81D5-4148-912B-9AD448BBE741"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.7.0:alpha:*:*:*:*:*:*" ,
"matchCriteriaId" : "1663754A-2AF4-46BC-9196-E29D8C019892"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.7.0:beta:*:*:*:*:*:*" ,
"matchCriteriaId" : "566C6E9C-318C-4C1E-86A8-429615215EEE"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.7.0:beta2:*:*:*:*:*:*" ,
"matchCriteriaId" : "22987AEF-ADA2-4D60-8C02-AFE6CD9A930B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.7.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "448555FE-8E91-4EA7-BA05-6915F5508319"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.7.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8CA0A79A-0591-4AC0-A2D1-40C34FA75B01"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.7.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4C8C1070-4A65-41A3-AD01-F12626042CA0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.7.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C6CD3B7F-24C5-49F4-93D2-CA43FF284907"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.8.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "44BC5E2C-B6A6-4999-A1EA-B91DA5C350C7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.8.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F2850FD9-8BE8-410E-8A24-28549DAACEB3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.8.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "60A24DC5-2DF5-4CA2-A0CD-BE0650CA6F5B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.9:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "81A01676-7D0B-4F92-A874-28ACDB728A5F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.9.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7D0901DF-4C9A-46A6-A5F9-6CFC945B39AE"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.9.0:beta:*:*:*:*:*:*" ,
"matchCriteriaId" : "057A1E58-0D95-4EA6-88B1-B05136E03770"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.9.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A67179D4-2714-42FE-8115-19DBC5D1E3E7"
}
]
}
]
}
] ,
"references" : [
{
"url" : "http://blogs.sun.com/security/entry/cve_2010_2065_cve_2010" ,
"source" : "secalert@redhat.com"
} ,
{
"url" : "http://marc.info/?l=oss-security&m=127731610612908&w=2" ,
"source" : "secalert@redhat.com"
} ,
2024-04-04 08:46:00 +00:00
{
"url" : "http://secunia.com/advisories/40181" ,
"source" : "secalert@redhat.com" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://secunia.com/advisories/40381" ,
"source" : "secalert@redhat.com"
} ,
{
"url" : "http://secunia.com/advisories/50726" ,
"source" : "secalert@redhat.com"
} ,
2023-04-24 12:24:31 +02:00
{
"url" : "http://security.gentoo.org/glsa/glsa-201209-02.xml" ,
"source" : "secalert@redhat.com"
} ,
{
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.596424" ,
"source" : "secalert@redhat.com"
} ,
{
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:043" ,
"source" : "secalert@redhat.com"
} ,
{
"url" : "http://www.remotesensing.org/libtiff/v3.9.3.html" ,
"source" : "secalert@redhat.com"
} ,
{
"url" : "http://www.ubuntu.com/usn/USN-954-1" ,
"source" : "secalert@redhat.com"
} ,
{
"url" : "http://www.vupen.com/english/advisories/2010/1638" ,
"source" : "secalert@redhat.com"
} ,
{
"url" : "http://www.vupen.com/english/advisories/2011/0204" ,
"source" : "secalert@redhat.com"
} ,
{
"url" : "http://www.vupen.com/english/advisories/2011/0621" ,
"source" : "secalert@redhat.com"
} ,
{
"url" : "https://bugs.launchpad.net/ubuntu/+source/tiff/+bug/589565" ,
"source" : "secalert@redhat.com"
} ,
{
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=601274" ,
"source" : "secalert@redhat.com"
}
]
}
