Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2013-4231

Опубликовано: 01 авг. 2013
Источник: redhat
CVSS2: 5.1
EPSS Средний

Описание

Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) extension block in a GIF image or (2) GIF raster image to tools/gif2tiff.c or (3) a long filename for a TIFF image to tools/rgb2ycbcr.c. NOTE: vectors 1 and 3 are disputed by Red Hat, which states that the input cannot exceed the allocated buffer size.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 7libtiffNot affected
Red Hat Enterprise Linux 5libtiffFixedRHSA-2014:022327.02.2014
Red Hat Enterprise Linux 6libtiffFixedRHSA-2014:022227.02.2014

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=995965(gif2tiff): GIF LZW decoder missing datasize value check

EPSS

Процентиль: 95%
0.2141
Средний

5.1 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2013-4231

ubuntu
больше 11 лет назад

Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) extension block in a GIF image or (2) GIF raster image to tools/gif2tiff.c or (3) a long filename for a TIFF image to tools/rgb2ycbcr.c. NOTE: vectors 1 and 3 are disputed by Red Hat, which states that the input cannot exceed the allocated buffer size.

nvd логотип

CVE-2013-4231

nvd
больше 11 лет назад

Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) extension block in a GIF image or (2) GIF raster image to tools/gif2tiff.c or (3) a long filename for a TIFF image to tools/rgb2ycbcr.c. NOTE: vectors 1 and 3 are disputed by Red Hat, which states that the input cannot exceed the allocated buffer size.

debian логотип

CVE-2013-4231

debian
больше 11 лет назад

Multiple buffer overflows in libtiff before 4.0.3 allow remote attacke ...

github логотип

GHSA-4qfr-3jpc-g89j

github
больше 3 лет назад

Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) extension block in a GIF image or (2) GIF raster image to tools/gif2tiff.c or (3) a long filename for a TIFF image to tools/rgb2ycbcr.c. NOTE: vectors 1 and 3 are disputed by Red Hat, which states that the input cannot exceed the allocated buffer size.

oracle-oval логотип

ELSA-2014-0223

oracle-oval
больше 11 лет назад

ELSA-2014-0223: libtiff security update (MODERATE)

EPSS

Процентиль: 95%
0.2141
Средний

5.1 Medium

CVSS2