Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-2285

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2009-2285
Last Modified 24 Aug 2010 01:37:45
Published 01 Jul 2009 09:00:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-2285

Summary

Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327.

Vulnerable Systems

Application

  • Libtiff 3.8.2


References

FEDORA - FEDORA-2009-7763

FEDORA - FEDORA-2009-7717

FEDORA - FEDORA-2009-7417

FEDORA - FEDORA-2009-7358

FEDORA - FEDORA-2009-7335

CONFIRM - https://bugs.launchpad.net/ubuntu/+source/tiff/+bug/380149

VUPEN - ADV-2010-0173

VUPEN - ADV-2009-3184

VUPEN - ADV-2009-2727

VUPEN - ADV-2009-1637

UBUNTU - USN-797-1

REDHAT - RHSA-2009:1159

MLIST - [oss-security] 20090629 CVE Request -- libtiff [was: Re: libtiff buffer underflow in LZWDecodeCompat]

MLIST - [oss-security] 20090623 Re: libtiff buffer underflow in LZWDecodeCompat

MLIST - [oss-security] 20090621 libtiff buffer underflow in LZWDecodeCompat

MISC - http://www.lan.st/showthread.php?t=1856&page=3

DEBIAN - DSA-1835

CONFIRM - http://support.apple.com/kb/HT4105

CONFIRM - http://support.apple.com/kb/HT4070

CONFIRM - http://support.apple.com/kb/HT4013

CONFIRM - http://support.apple.com/kb/HT4004

CONFIRM - http://support.apple.com/kb/HT3937

SUNALERT - 267808

GENTOO - GLSA-200908-03

SECUNIA - 39135

SECUNIA - 38241

SECUNIA - 36831

SECUNIA - 36194

SECUNIA - 35912

SECUNIA - 35883

SECUNIA - 35866

SECUNIA - 35716

SECUNIA - 35695

APPLE - APPLE-SA-2010-03-11-1

APPLE - APPLE-SA-2010-01-19-1

APPLE - APPLE-SA-2010-02-02-1

APPLE - APPLE-SA-2010-03-30-2

APPLE - APPLE-SA-2009-11-09-1

CONFIRM - http://bugzilla.maptools.org/show_bug.cgi?id=2065

Related Patches

Apple 2009-11-09 Mac OS X v10.6.2 Update

Apple Safari 4.0.5 for Windows (Upgrade) (All Languages)

Apple iTunes 9.1 for Windows (Update) (All Languages) (See Notes) (Rev 2)


Last Updated: 27 May 2016 10:50:50