CVE-2010-2598

Red Hat Enterprise Linux 3 x86_64 - Denial of Service via Crafted TIFF Image

Title source: llm
STIX 2.1

Description

LibTIFF in Red Hat Enterprise Linux (RHEL) 3 on x86_64 platforms, as used in tiff2rgba, attempts to process image data even when the required compression functionality is not configured, which allows remote attackers to cause a denial of service via a crafted TIFF image, related to "downsampled OJPEG input."

References (4)

Core 4
Core References
Broken Link vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1761
Not Applicable vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2010-0520.html
Permissions Required, Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/40536

Scores

EPSS 0.0199
EPSS Percentile 78.3%

Details

CWE
CWE-20
Status published
Products (2)
redhat/enterprise_linux 3 (6 CPE variants)
redhat/enterprise_linux 3.0
Published Jul 02, 2010
Tracked Since Feb 18, 2026