CVE-2010-1411 : Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3, as

Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3, as used in ImageIO in Apple Mac OS X 10.5.8 and Mac OS X 10.6 before 10.6.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file that triggers a heap-based buffer overflow.

Published 2010-06-17 16:30:02

Updated 2013-05-15 03:08:28

Source Apple Inc.

View at NVD, CVE.org

Vulnerability category: OverflowExecute codeDenial of service

Exploit prediction scoring system (EPSS) score for CVE-2010-1411

Probability of exploitation activity in the next 30 days: 1.52%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 85 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2010-1411

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P	8.6	6.4	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

CWE ids for CVE-2010-1411

CWE-189

Assigned by: nvd@nist.gov (Primary)

References for CVE-2010-1411

http://securitytracker.com/id?1024103

Mac OS X Multiple Flaws Let Remote Users Execute Arbitrary Code, Deny Service, and Upload/Access Files and Local Users Gain Elevated Privileges - SecurityTracker

CVEs referencing this url
http://www.ubuntu.com/usn/USN-954-1

USN-954-1: tiff vulnerabilities | Ubuntu security notices

CVEs referencing this url
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043769.html

[SECURITY] Fedora 13 Update: mingw32-libtiff-3.9.4-1.fc13
http://www.vupen.com/english/advisories/2010/1638

Webmail | OVH- OVH

CVEs referencing this url
http://marc.info/?l=oss-security&m=127731610612908&w=2

'[oss-security] CVE requests: LibTIFF' - MARC

CVEs referencing this url
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043835.html

[SECURITY] Fedora 12 Update: mingw32-libtiff-3.9.4-1.fc12
http://www.vupen.com/english/advisories/2010/1731

Webmail | OVH- OVH
http://www.remotesensing.org/libtiff/v3.9.3.html

Error

CVEs referencing this url
https://bugzilla.redhat.com/show_bug.cgi?id=592361

592361 – (CVE-2010-1411) CVE-2010-1411 libtiff: integer overflows leading to heap overflow in Fax3SetupState
http://www.vupen.com/english/advisories/2010/1435

Webmail | OVH- OVH
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.596424

The Slackware Linux Project: Slackware Security Advisories

CVEs referencing this url
http://www.vupen.com/english/advisories/2010/1512

Webmail | OVH- OVH

CVEs referencing this url
http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html

Apple - Lists.apple.com
Vendor Advisory

CVEs referencing this url
http://support.apple.com/kb/HT4196

About the security content of Safari 5.0 and Safari 4.1 - Apple Support

CVEs referencing this url
http://www.redhat.com/support/errata/RHSA-2010-0520.html

Support

CVEs referencing this url
http://www.vupen.com/english/advisories/2010/1761

Webmail | OVH- OVH

CVEs referencing this url
http://security.gentoo.org/glsa/glsa-201209-02.xml

libTIFF: Multiple vulnerabilities (GLSA 201209-02) — Gentoo security

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html

[security-announce] SUSE Security Summary Report: SUSE-SR:2010:014

CVEs referencing this url
http://www.vupen.com/english/advisories/2010/1481

Webmail | OVH- OVH
Vendor Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/40823

LibTIFF FAX3 Decoder Remote Integer Overflow Vulnerability
http://support.apple.com/kb/HT4188

About the security content of Security Update 2010-004 / Mac OS X v10.6.4 - Apple Support
Patch;Vendor Advisory

CVEs referencing this url
http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html

Apple - Lists.apple.com

CVEs referencing this url
http://support.apple.com/kb/HT4220

About the security content of iTunes 9.2 - Apple Support

CVEs referencing this url
http://www.redhat.com/support/errata/RHSA-2010-0519.html

Support

CVEs referencing this url

Products affected by CVE-2010-1411

Apple » Mac Os X » Version: 10.5.8
cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*
Matching versions
Apple » Mac Os X » Version: 10.6.1
cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*
Matching versions
Apple » Mac Os X » Version: 10.6.0
cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*
Matching versions
Apple » Mac Os X » Version: 10.6.2
cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*
Matching versions
Apple » Mac Os X » Version: 10.6.3
cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*
Matching versions
Apple » Mac Os X Server » Version: 10.5.8
cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*
Matching versions
Apple » Mac Os X Server » Version: 10.6.1
cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*
Matching versions
Apple » Mac Os X Server » Version: 10.6.0
cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*
Matching versions
Apple » Mac Os X Server » Version: 10.6.2
cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*
Matching versions
Apple » Mac Os X Server » Version: 10.6.3
cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2010-1411

Exploit prediction scoring system (EPSS) score for CVE-2010-1411

CVSS scores for CVE-2010-1411

CWE ids for CVE-2010-1411

References for CVE-2010-1411

Products affected by CVE-2010-1411