mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-07-09 16:05:11 +00:00
108 lines
3.1 KiB
JSON
108 lines
3.1 KiB
JSON
{
|
|
"id": "CVE-2010-2631",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2010-07-06T17:17:20.140",
|
|
"lastModified": "2025-04-11T00:51:21.963",
|
|
"vulnStatus": "Deferred",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "LibTIFF 3.9.0 ignores tags in certain situations during the first stage of TIFF file processing and does not properly handle this during the second stage, which allows remote attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2010-2481."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "LibTIFF v3.9.0 ignora las etiquetas en ciertas situaciones durante la primera etapa del procesado de archivos TIFF y no los maneja adecuadamente durante la segunda etapa, lo cual permite a los atacantes remotos causar una denegaci\u00f3n de servicio (fallo de la aplicaci\u00f3n) a trav\u00e9s de ficheros manipulados, una vulnerabilidad distinta a CVE-2010-2481."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
|
|
"baseScore": 4.3,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "PARTIAL"
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": true
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-20"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:libtiff:libtiff:3.9.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7D0901DF-4C9A-46A6-A5F9-6CFC945B39AE"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://bugzilla.maptools.org/show_bug.cgi?id=2210",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Exploit",
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/50726",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://security.gentoo.org/glsa/glsa-201209-02.xml",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://bugzilla.maptools.org/show_bug.cgi?id=2210",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Exploit",
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/50726",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://security.gentoo.org/glsa/glsa-201209-02.xml",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
}
|
|
]
|
|
} |