Public Date:
601274: CVE-2010-2065 libtiff: TIFFroundup() integer overflow in TIFFFillStrip()

The MITRE CVE dictionary describes this issue as:

Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow.

Find out more about CVE-2010-2065 from the MITRE CVE dictionary dictionary and NIST NVD.


Not vulnerable. These issues did not affect the versions of libtiff as shipped with Red Hat Enterprise Linux 3, 4, or 5.

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 4 libtiff Not affected
Red Hat Enterprise Linux 5 libtiff Not affected
Red Hat Enterprise Linux 6 libtiff Affected
Red Hat Enterprise Linux 3 libtiff Not affected