CVE-2010-2598
Red Hat Enterprise Linux 3 x86_64 - Denial of Service via Crafted TIFF Image
Title source: llmDescription
LibTIFF in Red Hat Enterprise Linux (RHEL) 3 on x86_64 platforms, as used in tiff2rgba, attempts to process image data even when the required compression functionality is not configured, which allows remote attackers to cause a denial of service via a crafted TIFF image, related to "downsampled OJPEG input."
References (4)
Core 4
Core References
Broken Link vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1761
Not Applicable vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2010-0520.html
Permissions Required, Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/40536
Exploit x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=583081
Scores
EPSS
0.0199
EPSS Percentile
78.3%
Details
CWE
CWE-20
Status
published
Products (2)
redhat/enterprise_linux
3 (6 CPE variants)
redhat/enterprise_linux
3.0
Published
Jul 02, 2010
Tracked Since
Feb 18, 2026