Описание
Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 3.7.4-1ubuntu3.11 |
| devel | released | 3.9.4-5ubuntu5 |
| hardy | released | 3.8.2-7ubuntu3.9 |
| karmic | released | 3.8.2-13ubuntu0.6 |
| lucid | released | 3.9.2-2ubuntu0.6 |
| maverick | released | 3.9.4-2ubuntu0.3 |
| upstream | needs-triage |
Показывать по
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value.
Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value.
Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in ...
Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value.
ELSA-2011-0392: libtiff security and bug fix update (IMPORTANT)
EPSS
6.8 Medium
CVSS2