
CVE-2012-2088

Integer signedness error in the TIFFReadDirectory function in tif_dirread.c in libtiff 3.9.4 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a negative tile depth in a tiff image, which triggers an improper conversion between signed and unsigned types, leading to a heap-based buffer overflow.

Details Source

Mitre

Public Date

2012-06-15 00:00:00

Impact

Important

Bugzilla

CVE-2012-2088 libtiff: Type conversion flaw leading to heap-buffer overflow

Bugzilla ID

832 864

CVSS Status

verified

Base Score

6.80

Base Metrics

AV:N/AC:M/Au:N/C:P/I:P/A:P

IAVA

2013-A-0048

Red Hat Security Errata

Platform                              Errata          Release Date
Red Hat Enterprise Linux 6 (libtiff)  RHSA-2012:1054  2012-07-03
Red Hat Enterprise Linux 5 (libtiff)  RHSA-2012:1054  2012-07-03

CWE

CWE-122