CVE-2010-1411

Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3, as used in ImageIO in Apple Mac OS X 10.5.8 and Mac OS X 10.6 before 10.6.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file that triggers a heap-based buffer overflow.

Affected Software

Name	Vendor	Start Version	End Version
Mac_os_x	Apple	10.5.8 (including)	10.5.8 (including)
Mac_os_x	Apple	10.6.0 (including)	10.6.0 (including)
Mac_os_x	Apple	10.6.1 (including)	10.6.1 (including)
Mac_os_x	Apple	10.6.2 (including)	10.6.2 (including)
Mac_os_x	Apple	10.6.3 (including)	10.6.3 (including)
Mac_os_x_server	Apple	10.5.8 (including)	10.5.8 (including)
Mac_os_x_server	Apple	10.6.0 (including)	10.6.0 (including)
Mac_os_x_server	Apple	10.6.1 (including)	10.6.1 (including)
Mac_os_x_server	Apple	10.6.2 (including)	10.6.2 (including)
Mac_os_x_server	Apple	10.6.3 (including)	10.6.3 (including)
Red Hat Enterprise Linux 3	RedHat	libtiff-0:3.5.7-34.el3	*
Red Hat Enterprise Linux 4	RedHat	libtiff-0:3.6.1-12.el4_8.5	*
Red Hat Enterprise Linux 5	RedHat	libtiff-0:3.8.2-7.el5_5.5	*
Tiff	Ubuntu	dapper	*
Tiff	Ubuntu	devel	*
Tiff	Ubuntu	hardy	*
Tiff	Ubuntu	jaunty	*
Tiff	Ubuntu	karmic	*
Tiff	Ubuntu	lucid	*
Tiff	Ubuntu	upstream	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2010-1411
CWE	https://cwe.mitre.org/data/definitions/189.html

Affected Software

References