CVE-2009-5022
Published: March 5, 2011
Heap-based buffer overflow in tif_ojpeg.c in the OJPEG decoder in LibTIFF before 3.9.5 allows remote attackers to execute arbitrary code via a crafted TIFF file.
MEDIUM
CVSS v2: 6.8
CVSS v2: 6.8
Status
| DocFilters Release | Package | State | Justification | Comment |
|---|---|---|---|---|
| 25.1 | libtiff (4.6.0) | Not Affected | Code Not Present | 4.6.0 does not match CVE configuration. |
| 24.4 | libtiff (4.6.0) | Not Affected | Code Not Present | 4.6.0 does not match CVE configuration. |
| 24.4.0 | libtiff (4.6.0) | Not Affected | Code Not Present | 4.6.0 does not match CVE configuration. |
| 24.3 | libtiff (4.6.0) | Not Affected | Code Not Present | 4.6.0 does not match CVE configuration. |
| 24.2.1 | libtiff (4.6.0) | Not Affected | Code Not Present | 4.6.0 does not match CVE configuration. |
| 24.2 | libtiff (4.6.0) | Not Affected | Code Not Present | 4.6.0 does not match CVE configuration. |
| 24.1 | libtiff (4.6.0) | Not Affected | Code Not Present | 4.6.0 does not match CVE configuration. |
| 23.3 | libtiff (4.5.1) | Not Affected | Code Not Present | 4.5.1 does not match CVE configuration. |
| 23.2.1 | libtiff (4.3.0) | Not Affected | Code Not Present | 4.3.0 does not match CVE configuration. |
| 23.2 | libtiff (4.3.0) | Not Affected | Code Not Present | 4.3.0 does not match CVE configuration. |
| 23.1 | libtiff (4.3.0) | Not Affected | Code Not Present | 4.3.0 does not match CVE configuration. |
| 22.4 | libtiff (4.3.0) | Not Affected | Code Not Present | 4.3.0 does not match CVE configuration. |
| 22.3 | libtiff (4.3.0) | Not Affected | Code Not Present | 4.3.0 does not match CVE configuration. |
| 22.2 | libtiff (4.3.0) | Not Affected | Code Not Present | 4.3.0 does not match CVE configuration. |
| 22.1 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 21.11.1 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 21.11 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 21.8.1 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 21.8 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 21.5.1 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 21.5.0 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 21.2.0 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 11.4.20 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 11.4.19.3667 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 11.4.18.3599 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 11.4.17 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 11.4.16.3445 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 11.4.15.3368 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 11.4.14.3263 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 11.4.13.3179 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 11.4.12.3054 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 11.4.11.3040 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 11.4.11.2990 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 11.4.10.2934 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 11.4.9.2878 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 11.4.8.2822 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |