Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:28800
HistoryDec 07, 2012 - 12:00 a.m.

[USN-1655-1] LibTIFF vulnerability

2012-12-0700:00:00
vulners.com
16
JSON

==========================================================================
Ubuntu Security Notice USN-1655-1
December 05, 2012

tiff vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 12.04 LTS
  • Ubuntu 11.10
  • Ubuntu 10.04 LTS
  • Ubuntu 8.04 LTS

Summary:

Programs that use LibTIFF could be made to crash or run programs if they
opened a specially crafted file.

Software Description:

  • tiff: Tag Image File Format (TIFF) library

Details:

It was discovered that LibTIFF incorrectly handled certain malformed
images using the DOTRANGE tag. If a user or automated system were
tricked into opening a specially crafted TIFF image, a remote attacker
could crash the application, leading to a denial of service, or possibly
execute arbitrary code with user privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
libtiff4 3.9.5-2ubuntu1.4

Ubuntu 11.10:
libtiff4 3.9.5-1ubuntu1.5

Ubuntu 10.04 LTS:
libtiff4 3.9.2-2ubuntu0.12

Ubuntu 8.04 LTS:
libtiff4 3.8.2-7ubuntu3.16

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1655-1
CVE-2012-5581

Package Information:
https://launchpad.net/ubuntu/+source/tiff/3.9.5-2ubuntu1.4
https://launchpad.net/ubuntu/+source/tiff/3.9.5-1ubuntu1.5
https://launchpad.net/ubuntu/+source/tiff/3.9.2-2ubuntu0.12
https://launchpad.net/ubuntu/+source/tiff/3.8.2-7ubuntu3.16

– ubuntu-security-announce mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

Related

nessus 18
securityvulns 1
openvas 28
debian 1
prion 1
ubuntu 1
ubuntucve 1
cve 1
debiancve 1
veracode 3
redhat 1
centos 1
oraclelinux 1
fedora 7
amazon 1
nessus
nessus
Oracle Solaris Third-Party Patch Update : libtiff (cve_2012_5581_denial_of)
2015-01-19 00:00:00
Ubuntu 8.04 LTS / 10.04 LTS / 11.10 / 12.04 LTS : tiff vulnerability (USN-1655-1)
2012-12-06 00:00:00
Mandriva Linux Security Advisory : libtiff (MDVSA-2012:184)
2012-12-28 00:00:00
securityvulns
securityvulns
libtiff library DoS
2012-12-07 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2589-1)
2013-09-18 00:00:00
Ubuntu: Security Advisory (USN-1655-1)
2012-12-06 00:00:00
Mandriva Update for libtiff MDVSA-2012:184 (libtiff)
2012-12-31 00:00:00
debian
debian
[SECURITY] [DSA 2589-1] tiff security update
2012-12-16 16:04:53
prion
prion
Stack overflow
2013-01-04 22:55:00
ubuntu
ubuntu
LibTIFF vulnerability
2012-12-05 00:00:00
ubuntucve
ubuntucve
CVE-2012-5581
2012-11-28 00:00:00
cve
cve
CVE-2012-5581
2013-01-04 22:55:00
debiancve
debiancve
CVE-2012-5581
2013-01-04 22:55:00
veracode
veracode
Denial Of Service (DoS) And Remote Code Execution (RCE)
2019-05-02 04:42:00
Denial Of Service (DoS) And Remote Code Execution (RCE)
2019-05-02 04:42:00
Denial Of Service (DoS) And Remote Code Execution (RCE)
2019-05-02 04:42:00
redhat
redhat
(RHSA-2012:1590) Moderate: libtiff security update
2012-12-18 00:00:00
centos
centos
libtiff security update
2012-12-19 01:20:39
oraclelinux
oraclelinux
libtiff security update
2012-12-18 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: libtiff-4.0.3-2.fc18
2013-01-12 00:28:00
[SECURITY] Fedora 18 Update: libtiff-4.0.3-6.fc18
2013-05-14 01:23:41
[SECURITY] Fedora 17 Update: libtiff-3.9.7-1.fc17
2012-12-31 03:28:09
amazon
amazon
Medium: libtiff
2012-12-20 13:55:00
JSON
Related for SECURITYVULNS:DOC:28800
nessus18securityvulns1openvas28debian1prion1ubuntu1ubuntucve1cve1debiancve1veracode3redhat1centos1oraclelinux1fedora7amazon1