CVE-2010-2482
libtiff < 3.9.4 - Denial of Service via Invalid td_stripbytecount Field
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2010-2482. PoCs published by Tomas Hoger.
AI-analyzed exploit summary The exploit leverages a denial-of-service vulnerability in LibTIFF due to improper input validation. It provides a PoC TIFF file that can crash applications using vulnerable versions of the library (up to 3.9.4).
Description
LibTIFF 3.9.4 and earlier does not properly handle an invalid td_stripbytecount field, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted TIFF file, a different vulnerability than CVE-2010-2443.
Exploits (1)
The exploit leverages a denial-of-service vulnerability in LibTIFF due to improper input validation. It provides a PoC TIFF file that can crash applications using vulnerable versions of the library (up to 3.9.4).