Vulnerability Name: CVE-2010-2481 (CCN-60188)

Assigned: 2010-06-23
Published: 2010-06-23
Updated: 2023-02-13
Summary: The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF directory entries, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF file.
CVSS v3 Severity: 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Low
CVSS v2 Severity: 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
4.3 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
Vulnerability Type: CWE-125 (Out-of-bounds Read)
Vulnerability Consequences: Denial of Service
References:
Source: secalert@redhat.com
Type: Exploit, Patch
secalert@redhat.com

Source: MITRE
Type: CNA
CVE-2010-2481

Source: CCN
Type: RHSA-2010-0519
Important: libtiff security update

Source: CCN
Type: OSVDB ID: 66082
LibTIFF TIFFExtractData Macro Crafted TIFF File Directory Entry Unknown Tag Type DoS

Source: CCN
Type: OSVDB ID: 66089
LibTIFF TIFFReadDirectory Function TIFF File Codec-specific Tag Out-of-order Position Validation Weakness DoS

Source: CCN
Type: OSVDB ID: 66090
LibTIFF Stage-based TIFF File Tag Handling DoS

Source: CCN
Type: LibTIFF Web site
LibTIFF - TIFF Library and Utilities

Source: XF
Type: UNKNOWN
libtiff-tiffextractdata-dos(60188)

Vulnerable Configuration:
Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*
Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*
Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*
Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:libtiff:libtiff:3.9.0:*:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.9.2:*:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.5.4:*:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.9:*:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.5.6:*:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.5.7:*:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.6.0:*:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.7.0:*:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.8.0:*:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.8.1:*:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.8.2:*:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.4:*:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.4:beta18:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.4:beta24:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.4:beta28:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.4:beta29:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.4:beta31:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.4:beta32:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.4:beta34:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.4:beta35:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.4:beta36:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.4:beta37:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.5.6:beta:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.5.7:alpha:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.5.7:alpha2:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.5.7:alpha3:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.5.7:alpha4:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.5.7:beta:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.6.0:beta:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.6.0:beta2:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.7.0:alpha:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.7.0:beta:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.7.0:beta2:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.7.2:*:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.7.3:*:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.7.4:*:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.9.0:beta:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.9.1:*:*:*:*:*:*:*
  • OR cpe:/a:libtiff:libtiff:3.9.3:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.1:*:*:*:x86_64:*:*:*
  • OR cpe:/o:mandriva:enterprise_server:5:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:enterprise_server:5:*:*:*:x86_64:*:*:*
  • OR cpe:/o:mandriva:linux:2010:*:*:*:x86_64:*:*:*
  • OR cpe:/o:mandriva:linux:2010:*:*:*:*:*:*:*

* Denotes that component is vulnerable

Oval Definitions
Definition ID | Class | Title | Last Modified
oval:org.mitre.oval:def:22870 | P | ELSA-2010:0519: libtiff security update (Important) | 2014-05-26
oval:org.mitre.oval:def:22143 | P | RHSA-2010:0519: libtiff security update (Important) | 2014-02-24
oval:com.redhat.rhsa:def:20100519 | P | RHSA-2010:0519: libtiff security update (Important) | 2010-07-08