CVE-2010-2067

Published: 06/24/2010 12:30:01

Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long EXIF SubjectDistance field in a TIFF file.

MEDIUM
CVSS v2: 6.8

Status

DocFilters Release	Package	State	Justification	Comment
25.1	libtiff (4.6.0)	Not Affected	Code Not Present	4.6.0 does not match CVE configuration.
24.4	libtiff (4.6.0)	Not Affected	Code Not Present	4.6.0 does not match CVE configuration.
24.4.0	libtiff (4.6.0)	Not Affected	Code Not Present	4.6.0 does not match CVE configuration.
24.3	libtiff (4.6.0)	Not Affected	Code Not Present	4.6.0 does not match CVE configuration.
24.2.1	libtiff (4.6.0)	Not Affected	Code Not Present	4.6.0 does not match CVE configuration.
24.2	libtiff (4.6.0)	Not Affected	Code Not Present	4.6.0 does not match CVE configuration.
24.1	libtiff (4.6.0)	Not Affected	Code Not Present	4.6.0 does not match CVE configuration.
23.3	libtiff (4.5.1)	Not Affected	Code Not Present	4.5.1 does not match CVE configuration.
23.2.1	libtiff (4.3.0)	Not Affected	Code Not Present	4.3.0 does not match CVE configuration.
23.2	libtiff (4.3.0)	Not Affected	Code Not Present	4.3.0 does not match CVE configuration.
23.1	libtiff (4.3.0)	Not Affected	Code Not Present	4.3.0 does not match CVE configuration.
22.4	libtiff (4.3.0)	Not Affected	Code Not Present	4.3.0 does not match CVE configuration.
22.3	libtiff (4.3.0)	Not Affected	Code Not Present	4.3.0 does not match CVE configuration.
22.2	libtiff (4.3.0)	Not Affected	Code Not Present	4.3.0 does not match CVE configuration.
22.1	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
21.11.1	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
21.11	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
21.8.1	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
21.8	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
21.5.1	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
21.5.0	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
21.2.0	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
11.4.20	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
11.4.19.3667	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
11.4.18.3599	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
11.4.17	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
11.4.16.3445	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
11.4.15.3368	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
11.4.14.3263	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
11.4.13.3179	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
11.4.12.3054	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
11.4.11.3040	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
11.4.11.2990	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
11.4.10.2934	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
11.4.9.2878	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
11.4.8.2822	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.

Severity score breakdown

References

NVD
MITRE