exploitDog

CVE-2013-4244

Опубликовано: 14 авг. 2013

Источник: redhat

CVSS2: 5.1

Описание

The LZW decompressor in the gif2tiff tool in libtiff 4.0.3 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted GIF image.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 7	libtiff	Not affected
Red Hat Enterprise Linux 5	libtiff	Fixed	RHSA-2014:0223	27.02.2014
Red Hat Enterprise Linux 6	libtiff	Fixed	RHSA-2014:0222	27.02.2014

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-787

https://bugzilla.redhat.com/show_bug.cgi?id=996468(gif2tiff): OOB Write in LZW decompressor

5.1 Medium

CVSS2

Связанные уязвимости

CVE-2013-4244

ubuntu

почти 12 лет назад

The LZW decompressor in the gif2tiff tool in libtiff 4.0.3 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted GIF image.

CVE-2013-4244

nvd

почти 12 лет назад

The LZW decompressor in the gif2tiff tool in libtiff 4.0.3 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted GIF image.

CVE-2013-4244

debian

почти 12 лет назад

The LZW decompressor in the gif2tiff tool in libtiff 4.0.3 and earlier ...

GHSA-537w-v4qr-w65f

github

больше 3 лет назад

The LZW decompressor in the gif2tiff tool in libtiff 4.0.3 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted GIF image.

ELSA-2014-0223

oracle-oval

больше 11 лет назад

ELSA-2014-0223: libtiff security update (MODERATE)

5.1 Medium

CVSS2