Red Hat Customer Portal

Skip to main content

CVE-2012-4564

ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based buffer overflow.

Details Source

Mitre

Public Date

2012-11-02 00:00:00

Impact

Moderate

Bugzilla

CVE-2012-4564 libtiff: Missing return value check in ppm2tiff leading to heap-buffer overflow when reading a tiff file

Bugzilla ID

871 700

CVSS Status

verified

Base Score

6.80

Base Metrics

AV:N/AC:M/Au:N/C:P/I:P/A:P

Acknowledgements

This issue was discovered by Huzaifa S. Sidhpurwala of Red Hat Security Response Team.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 6 (libtiff) RHSA-2012:1590 2012-12-18
Red Hat Enterprise Linux 5 (libtiff) RHSA-2012:1590 2012-12-18

CWE

CWE-122