Vulnerabilities > CVE-2010-1411 - Numeric Errors vulnerability in Apple mac OS X and mac OS X Server

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
apple
CWE-189
nessus

Summary

Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3, as used in ImageIO in Apple Mac OS X 10.5.8 and Mac OS X 10.6 before 10.6.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file that triggers a heap-based buffer overflow.

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2010-0519.NASL
    descriptionUpdated libtiff packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Multiple integer overflow flaws, leading to a buffer overflow, were discovered in libtiff. An attacker could use these flaws to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code. (CVE-2010-1411) Multiple input validation flaws were discovered in libtiff. An attacker could use these flaws to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash. (CVE-2010-2481, CVE-2010-2483, CVE-2010-2595, CVE-2010-2597) Red Hat would like to thank Apple Product Security for responsibly reporting the CVE-2010-1411 flaw, who credit Kevin Finisterre of digitalmunition.com for the discovery of the issue. All libtiff users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. All running applications linked against libtiff must be restarted for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id47872
    published2010-07-28
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47872
    titleRHEL 4 / 5 : libtiff (RHSA-2010:0519)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2010:0519. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(47872);
      script_version ("1.19");
      script_cvs_date("Date: 2019/10/25 13:36:15");
    
      script_cve_id("CVE-2010-1411", "CVE-2010-2481", "CVE-2010-2483", "CVE-2010-2595", "CVE-2010-2597", "CVE-2010-4665");
      script_bugtraq_id(40823, 41088, 41295);
      script_xref(name:"RHSA", value:"2010:0519");
    
      script_name(english:"RHEL 4 / 5 : libtiff (RHSA-2010:0519)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated libtiff packages that fix multiple security issues are now
    available for Red Hat Enterprise Linux 4 and 5.
    
    The Red Hat Security Response Team has rated this update as having
    important security impact. Common Vulnerability Scoring System (CVSS)
    base scores, which give detailed severity ratings, are available for
    each vulnerability from the CVE links in the References section.
    
    The libtiff packages contain a library of functions for manipulating
    Tagged Image File Format (TIFF) files.
    
    Multiple integer overflow flaws, leading to a buffer overflow, were
    discovered in libtiff. An attacker could use these flaws to create a
    specially crafted TIFF file that, when opened, would cause an
    application linked against libtiff to crash or, possibly, execute
    arbitrary code. (CVE-2010-1411)
    
    Multiple input validation flaws were discovered in libtiff. An
    attacker could use these flaws to create a specially crafted TIFF file
    that, when opened, would cause an application linked against libtiff
    to crash. (CVE-2010-2481, CVE-2010-2483, CVE-2010-2595, CVE-2010-2597)
    
    Red Hat would like to thank Apple Product Security for responsibly
    reporting the CVE-2010-1411 flaw, who credit Kevin Finisterre of
    digitalmunition.com for the discovery of the issue.
    
    All libtiff users are advised to upgrade to these updated packages,
    which contain backported patches to resolve these issues. All running
    applications linked against libtiff must be restarted for this update
    to take effect."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2010-1411"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2010-2481"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2010-2483"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2010-2595"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2010-2597"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2010-4665"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2010:0519"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected libtiff and / or libtiff-devel packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libtiff");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libtiff-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4.8");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2010/06/17");
      script_set_attribute(attribute:"patch_publication_date", value:"2010/07/08");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/07/28");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(4|5)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 4.x / 5.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2010:0519";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL4", reference:"libtiff-3.6.1-12.el4_8.5")) flag++;
    
      if (rpm_check(release:"RHEL4", reference:"libtiff-devel-3.6.1-12.el4_8.5")) flag++;
    
    
      if (rpm_check(release:"RHEL5", reference:"libtiff-3.8.2-7.el5_5.5")) flag++;
    
      if (rpm_check(release:"RHEL5", reference:"libtiff-devel-3.8.2-7.el5_5.5")) flag++;
    
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libtiff / libtiff-devel");
      }
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_2_LIBTIFF-DEVEL-100525.NASL
    descriptionThis update of libtiff fixes several integer overflows that could lead to a corrupted heap memory. This bug can be exploited remotely with a crafted TIFF file to cause an application crash or probably to execute arbitrary code. (CVE-2010-1411)
    last seen2020-06-01
    modified2020-06-02
    plugin id47021
    published2010-06-15
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47021
    titleopenSUSE Security Update : libtiff-devel (openSUSE-SU-2010:0324-1)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update libtiff-devel-2477.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(47021);
      script_version("1.8");
      script_cvs_date("Date: 2019/10/25 13:36:38");
    
      script_cve_id("CVE-2010-1411");
    
      script_name(english:"openSUSE Security Update : libtiff-devel (openSUSE-SU-2010:0324-1)");
      script_summary(english:"Check for the libtiff-devel-2477 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update of libtiff fixes several integer overflows that could lead
    to a corrupted heap memory. This bug can be exploited remotely with a
    crafted TIFF file to cause an application crash or probably to execute
    arbitrary code. (CVE-2010-1411)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=605837"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://lists.opensuse.org/opensuse-updates/2010-06/msg00003.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected libtiff-devel packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libtiff-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libtiff-devel-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libtiff3");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libtiff3-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:tiff");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.2");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/05/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/06/15");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.2", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.2", reference:"libtiff-devel-3.8.2-145.4.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"libtiff3-3.8.2-145.4.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"tiff-3.8.2-145.4.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", cpu:"x86_64", reference:"libtiff-devel-32bit-3.8.2-145.4.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", cpu:"x86_64", reference:"libtiff3-32bit-3.8.2-145.4.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libtiff");
    }
    
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20100708_LIBTIFF_ON_SL3_X.NASL
    descriptionMultiple integer overflow flaws, leading to a buffer overflow, were discovered in libtiff. An attacker could use these flaws to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code. (CVE-2010-1411) Multiple input validation flaws were discovered in libtiff. An attacker could use these flaws to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash. (CVE-2010-2481, CVE-2010-2483, CVE-2010-2595, CVE-2010-2597) - SL4, SL5 An input validation flaw was discovered in libtiff. An attacker could use this flaw to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash. (CVE-2010-2598) - SL3 All runningapplications linked against libtiff must be restarted for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id60812
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60812
    titleScientific Linux Security Update : libtiff on SL3.x, SL4.x, SL5.x i386/x86_64
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text is (C) Scientific Linux.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(60812);
      script_version("1.5");
      script_cvs_date("Date: 2019/10/25 13:36:19");
    
      script_cve_id("CVE-2010-1411", "CVE-2010-2481", "CVE-2010-2483", "CVE-2010-2595", "CVE-2010-2597", "CVE-2010-2598");
    
      script_name(english:"Scientific Linux Security Update : libtiff on SL3.x, SL4.x, SL5.x i386/x86_64");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Scientific Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Multiple integer overflow flaws, leading to a buffer overflow, were
    discovered in libtiff. An attacker could use these flaws to create a
    specially crafted TIFF file that, when opened, would cause an
    application linked against libtiff to crash or, possibly, execute
    arbitrary code. (CVE-2010-1411)
    
    Multiple input validation flaws were discovered in libtiff. An
    attacker could use these flaws to create a specially crafted TIFF file
    that, when opened, would cause an application linked against libtiff
    to crash. (CVE-2010-2481, CVE-2010-2483, CVE-2010-2595, CVE-2010-2597)
    - SL4, SL5
    
    An input validation flaw was discovered in libtiff. An attacker could
    use this flaw to create a specially crafted TIFF file that, when
    opened, would cause an application linked against libtiff to crash.
    (CVE-2010-2598) - SL3
    
    All runningapplications linked against libtiff must be restarted for
    this update to take effect."
      );
      # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1007&L=scientific-linux-errata&T=0&P=686
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?6cb45bb1"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected libtiff and / or libtiff-devel packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/07/08");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Scientific Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"SL3", reference:"libtiff-3.5.7-34.el3")) flag++;
    if (rpm_check(release:"SL3", reference:"libtiff-devel-3.5.7-34.el3")) flag++;
    
    if (rpm_check(release:"SL4", reference:"libtiff-3.6.1-12.el4_8.5")) flag++;
    if (rpm_check(release:"SL4", reference:"libtiff-devel-3.6.1-12.el4_8.5")) flag++;
    
    if (rpm_check(release:"SL5", reference:"libtiff-3.8.2-7.el5_5.5")) flag++;
    if (rpm_check(release:"SL5", reference:"libtiff-devel-3.8.2-7.el5_5.5")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2010-10333.NASL
    descriptionFix numerous crashing bugs, including CVE-2010-1411, CVE-2010-2065, CVE-2010-2067, and CVE-2010-2233 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id47596
    published2010-07-06
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/47596
    titleFedora 12 : libtiff-3.9.4-1.fc12 (2010-10333)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2010-10333.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(47596);
      script_version("1.9");
      script_cvs_date("Date: 2019/08/02 13:32:31");
    
      script_cve_id("CVE-2010-1411", "CVE-2010-2065", "CVE-2010-2067", "CVE-2010-2233");
      script_bugtraq_id(40823, 41011, 41012, 41088);
      script_xref(name:"FEDORA", value:"2010-10333");
    
      script_name(english:"Fedora 12 : libtiff-3.9.4-1.fc12 (2010-10333)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Fix numerous crashing bugs, including CVE-2010-1411, CVE-2010-2065,
    CVE-2010-2067, and CVE-2010-2233
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=592361"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=599576"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=601274"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=607198"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2010-July/043711.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?d2b2bd2c"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected libtiff package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:libtiff");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:12");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/06/24");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/07/06");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^12([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 12.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC12", reference:"libtiff-3.9.4-1.fc12")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libtiff");
    }
    
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2010-0519.NASL
    descriptionUpdated libtiff packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Multiple integer overflow flaws, leading to a buffer overflow, were discovered in libtiff. An attacker could use these flaws to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code. (CVE-2010-1411) Multiple input validation flaws were discovered in libtiff. An attacker could use these flaws to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash. (CVE-2010-2481, CVE-2010-2483, CVE-2010-2595, CVE-2010-2597) Red Hat would like to thank Apple Product Security for responsibly reporting the CVE-2010-1411 flaw, who credit Kevin Finisterre of digitalmunition.com for the discovery of the issue. All libtiff users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. All running applications linked against libtiff must be restarted for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id47738
    published2010-07-16
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47738
    titleCentOS 4 / 5 : libtiff (CESA-2010:0519)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_0_LIBTIFF-DEVEL-100525.NASL
    descriptionThis update of libtiff fixes several integer overflows that could lead to a corrupted heap memory. This bug can be exploited remotely with a crafted TIFF file to cause an application crash or probably to execute arbitrary code. (CVE-2010-1411)
    last seen2020-06-01
    modified2020-06-02
    plugin id47019
    published2010-06-15
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47019
    titleopenSUSE Security Update : libtiff-devel (openSUSE-SU-2010:0324-1)
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2010-180-02.NASL
    descriptionNew libtiff packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id47563
    published2010-07-01
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/47563
    titleSlackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 9.0 / 9.1 / current : libtiff (SSA:2010-180-02)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2010-10334.NASL
    descriptionFix numerous crashing bugs, including CVE-2010-1411, CVE-2010-2065, CVE-2010-2067, and CVE-2010-2233 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id47585
    published2010-07-02
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47585
    titleFedora 13 : libtiff-3.9.4-1.fc13 (2010-10334)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-2084.NASL
    descriptionKevin Finisterre discovered that several integer overflows in the TIFF library could lead to the execution of arbitrary code.
    last seen2020-06-01
    modified2020-06-02
    plugin id48241
    published2010-08-04
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/48241
    titleDebian DSA-2084-1 : tiff - integer overflows
  • NASL familySuSE Local Security Checks
    NASL idSUSE9_12618.NASL
    descriptionThis update of libtiff fixes several integer overflows that could lead to a corrupted heap memory. This bug can be exploited remotely with a crafted TIFF file to cause an application crash or probably to execute arbitrary code. (CVE-2010-1411)
    last seen2020-06-01
    modified2020-06-02
    plugin id47018
    published2010-06-15
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/47018
    titleSuSE9 Security Update : libtiff, (YOU Patch Number 12618)
  • NASL familyPeer-To-Peer File Sharing
    NASL idITUNES_9_2_BANNER.NASL
    descriptionThe version of Apple iTunes on the remote host is prior to version 9.2. It is, therefore, affected by multiple vulnerabilities : - A heap-based buffer overflow vulnerability exists in the handling of images with an embedded ColorSync profile. By using a specially crafted image, a remote attacker can exploit this to cause a denial of service or execute arbitrary code. (CVE-2009-1726) - Multiple integer overflow vulnerabilities exist in ImageIO
    last seen2020-06-01
    modified2020-06-02
    plugin id47038
    published2010-06-17
    reporterThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/47038
    titleApple iTunes < 9.2 Multiple Vulnerabilities (uncredentialed check)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2010-0520.NASL
    descriptionUpdated libtiff packages that fix two security issues are now available for Red Hat Enterprise Linux 3. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Multiple integer overflow flaws, leading to a buffer overflow, were discovered in libtiff. An attacker could use these flaws to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code. (CVE-2010-1411) An input validation flaw was discovered in libtiff. An attacker could use this flaw to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash. (CVE-2010-2598) Red Hat would like to thank Apple Product Security for responsibly reporting the CVE-2010-1411 flaw, who credit Kevin Finisterre of digitalmunition.com for the discovery of the issue. All libtiff users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. All running applications linked against libtiff must be restarted for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id47873
    published2010-07-28
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47873
    titleRHEL 3 : libtiff (RHSA-2010:0520)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_10_6_4.NASL
    descriptionThe remote host is running a version of Mac OS X 10.6.x that is prior to 10.6.4. Mac OS X 10.6.4 contains security fixes for the following components : - CUPS - DesktopServices - Flash Player plug-in - Folder Manager - Help Viewer - iChat - ImageIO - Kerberos - Kernel - libcurl - Network Authorization - Open Directory - Printer Setup - Printing - Ruby - SMB File Server - SquirrelMail - Wiki Server
    last seen2020-06-01
    modified2020-06-02
    plugin id47023
    published2010-06-15
    reporterThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/47023
    titleMac OS X 10.6.x < 10.6.4 Multiple Vulnerabilities
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2010-10460.NASL
    descriptionUpdate to version 3.9.4 which fixes several bugs and some CVE
    last seen2020-06-01
    modified2020-06-02
    plugin id47607
    published2010-07-07
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47607
    titleFedora 13 : mingw32-libtiff-3.9.4-1.fc13 (2010-10460)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2010-0520.NASL
    descriptionUpdated libtiff packages that fix two security issues are now available for Red Hat Enterprise Linux 3. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Multiple integer overflow flaws, leading to a buffer overflow, were discovered in libtiff. An attacker could use these flaws to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code. (CVE-2010-1411) An input validation flaw was discovered in libtiff. An attacker could use this flaw to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash. (CVE-2010-2598) Red Hat would like to thank Apple Product Security for responsibly reporting the CVE-2010-1411 flaw, who credit Kevin Finisterre of digitalmunition.com for the discovery of the issue. All libtiff users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. All running applications linked against libtiff must be restarted for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id48341
    published2010-08-17
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/48341
    titleCentOS 3 : libtiff (CESA-2010:0520)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2010-146.NASL
    descriptionMultiple vulnerabilities has been discovered and corrected in libtiff : The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers an array index error, related to downsampled OJPEG input. (CVE-2010-2595) Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file that triggers a heap-based buffer overflow (CVE-2010-1411). Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow (CVE-2010-2065). The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a TIFF file with an invalid combination of SamplesPerPixel and Photometric values (CVE-2010-2483). The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image, related to downsampled OJPEG input and possibly related to a compiler optimization that triggers a divide-by-zero error (CVE-2010-2597). The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF directory entries, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF file (CVE-2010-248). Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long EXIF SubjectDistance field in a TIFF file (CVE-2010-2067). tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not properly perform vertical flips, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF image, related to downsampled OJPEG input. (CVE-2010-2233). LibTIFF 3.9.4 and earlier does not properly handle an invalid td_stripbytecount field, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted TIFF file, a different vulnerability than CVE-2010-2443 (CVE-2010-2482). The updated packages have been patched to correct these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id48272
    published2010-08-09
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/48272
    titleMandriva Linux Security Advisory : libtiff (MDVSA-2010:146)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_LIBTIFF-7052.NASL
    descriptionThis update of libtiff fixes several integer overflows that could lead to a corrupted heap memory. This bug can be exploited remotely with a crafted TIFF file to cause an application crash or probably to execute arbitrary code. (CVE-2010-1411)
    last seen2020-06-01
    modified2020-06-02
    plugin id49883
    published2010-10-11
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/49883
    titleSuSE 10 Security Update : libtiff (ZYPP Patch Number 7052)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2010-10359.NASL
    descriptionFix numerous crashing bugs, including CVE-2010-1411 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id47224
    published2010-07-01
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47224
    titleFedora 11 : libtiff-3.8.2-15.fc11 (2010-10359)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_1_LIBTIFF-DEVEL-100524.NASL
    descriptionThis update of libtiff fixes several integer overflows that could lead to a corrupted heap memory. This bug can be exploited remotely with a crafted TIFF file to cause an application crash or probably to execute arbitrary code. (CVE-2010-1411)
    last seen2020-06-01
    modified2020-06-02
    plugin id47020
    published2010-06-15
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47020
    titleopenSUSE Security Update : libtiff-devel (openSUSE-SU-2010:0324-1)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2010-0520.NASL
    descriptionFrom Red Hat Security Advisory 2010:0520 : Updated libtiff packages that fix two security issues are now available for Red Hat Enterprise Linux 3. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Multiple integer overflow flaws, leading to a buffer overflow, were discovered in libtiff. An attacker could use these flaws to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code. (CVE-2010-1411) An input validation flaw was discovered in libtiff. An attacker could use this flaw to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash. (CVE-2010-2598) Red Hat would like to thank Apple Product Security for responsibly reporting the CVE-2010-1411 flaw, who credit Kevin Finisterre of digitalmunition.com for the discovery of the issue. All libtiff users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. All running applications linked against libtiff must be restarted for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id68060
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/68060
    titleOracle Linux 3 : libtiff (ELSA-2010-0520)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2010-145.NASL
    descriptionMultiple vulnerabilities has been discovered and corrected in libtiff : The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers an array index error, related to downsampled OJPEG input. (CVE-2010-2595) Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file that triggers a heap-based buffer overflow (CVE-2010-1411). Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow (CVE-2010-2065). The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a TIFF file with an invalid combination of SamplesPerPixel and Photometric values (CVE-2010-2483). The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image, related to downsampled OJPEG input and possibly related to a compiler optimization that triggers a divide-by-zero error (CVE-2010-2597). The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF directory entries, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF file (CVE-2010-248). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=4 90 The updated packages have been patched to correct these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id48271
    published2010-08-09
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/48271
    titleMandriva Linux Security Advisory : libtiff (MDVSA-2010:145)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_313DA7DC763B11DFBCCE0018F3E2EB82.NASL
    descriptionKevin Finisterre reports : Multiple integer overflows in the handling of TIFF files may result in a heap buffer overflow. Opening a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution. The issues are addressed through improved bounds checking. Credit to Kevin Finisterre of digitalmunition.com for reporting these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id46876
    published2010-06-14
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/46876
    titleFreeBSD : tiff -- buffer overflow vulnerability (313da7dc-763b-11df-bcce-0018f3e2eb82)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SECUPD2010-004.NASL
    descriptionThe remote host is running a version of Mac OS X 10.5 that does not have Security Update 2010-004 applied. This security update contains fixes for the following components : - CUPS - DesktopServices - Flash Player plug-in - Folder Manager - iChat - ImageIO - Kerberos - Kernel - libcurl - Network Authorization - Ruby - SMB File Server - SquirrelMail - Wiki Server
    last seen2020-06-01
    modified2020-06-02
    plugin id47024
    published2010-06-15
    reporterThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/47024
    titleMac OS X Multiple Vulnerabilities (Security Update 2010-004)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201209-02.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201209-02 (libTIFF: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in libTIFF. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a specially crafted TIFF file with an application making use of libTIFF, possibly resulting in execution of arbitrary code with the privileges of the user running the application or a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id62235
    published2012-09-24
    reporterThis script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/62235
    titleGLSA-201209-02 : libTIFF: Multiple vulnerabilities
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2010-0519.NASL
    descriptionFrom Red Hat Security Advisory 2010:0519 : Updated libtiff packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Multiple integer overflow flaws, leading to a buffer overflow, were discovered in libtiff. An attacker could use these flaws to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code. (CVE-2010-1411) Multiple input validation flaws were discovered in libtiff. An attacker could use these flaws to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash. (CVE-2010-2481, CVE-2010-2483, CVE-2010-2595, CVE-2010-2597) Red Hat would like to thank Apple Product Security for responsibly reporting the CVE-2010-1411 flaw, who credit Kevin Finisterre of digitalmunition.com for the discovery of the issue. All libtiff users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. All running applications linked against libtiff must be restarted for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id68059
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/68059
    titleOracle Linux 4 / 5 : libtiff (ELSA-2010-0519)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2010-10469.NASL
    descriptionUpdate to version 3.9.4 which fixes several bugs and some CVE
    last seen2020-06-01
    modified2020-06-02
    plugin id47608
    published2010-07-07
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47608
    titleFedora 12 : mingw32-libtiff-3.9.4-1.fc12 (2010-10469)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-954-1.NASL
    descriptionKevin Finisterre discovered that the TIFF library did not correctly handle certain image structures. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could execute arbitrary code with user privileges, or crash the application, leading to a denial of service. (CVE-2010-1411) Dan Rosenberg and Sauli Pahlman discovered multiple flaws in the TIFF library. If a user or automated system were into opening a specially crafted TIFF image, a remote attacker could execute arbitrary code with user privileges, or crash the application, leading to a denial of service. (Only Ubuntu 10.04 LTS was affected.) (CVE-2010-2065, CVE-2010-2067). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id47110
    published2010-06-22
    reporterUbuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47110
    titleUbuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : tiff vulnerabilities (USN-954-1)
  • NASL familyWindows
    NASL idITUNES_9_2.NASL
    descriptionThe version of Apple iTunes installed on the remote Windows host is older than 9.2. As such, it may be affected by multiple vulnerabilities : - A heap-based buffer overflow in the handling of images with an embedded ColorSync profile may lead to an application crash or arbitrary code execution. (CVE-2009-1726) - Multiple integer overflows in ImageIO
    last seen2020-06-01
    modified2020-06-02
    plugin id47037
    published2010-06-17
    reporterThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/47037
    titleApple iTunes < 9.2 Multiple Vulnerabilities (credentialed check)

Redhat

advisories
  • rhsa
    idRHSA-2010:0519
  • rhsa
    idRHSA-2010:0520
rpms
  • libtiff-0:3.6.1-12.el4_8.5
  • libtiff-0:3.8.2-7.el5_5.5
  • libtiff-debuginfo-0:3.6.1-12.el4_8.5
  • libtiff-debuginfo-0:3.8.2-7.el5_5.5
  • libtiff-devel-0:3.6.1-12.el4_8.5
  • libtiff-devel-0:3.8.2-7.el5_5.5
  • libtiff-0:3.5.7-34.el3
  • libtiff-debuginfo-0:3.5.7-34.el3
  • libtiff-devel-0:3.5.7-34.el3

References