CVE-2012-3401

libtiff < 4.0.2 - Denial of Service and Possible Remote Code Execution via Crafted TIFF Image

Title source: llm

Description

The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow.

References (18)

Core 18

Core References

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-updates/2012-08/msg00011.html

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/49938

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/50007

Vendor Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/USN-1511-1

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/84090

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/77088

Issue Tracking x_refsource_misc

https://bugzilla.redhat.com/attachment.cgi?id=596457

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2012:127

Issue Tracking x_refsource_misc

https://bugzilla.redhat.com/show_bug.cgi?id=837577

Mailing List mailing-list x_refsource_mlist

http://www.openwall.com/lists/oss-security/2012/07/19/1

Product x_refsource_misc

http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/54601

Mailing List mailing-list x_refsource_mlist

http://www.openwall.com/lists/oss-security/2012/07/19/4

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2012/dsa-2552

Third Party Advisory vendor-advisory x_refsource_gentoo

http://security.gentoo.org/glsa/glsa-201209-02.xml

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2012-1590.html

Various Sources x_refsource_confirm

http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/50726

Scores

EPSS 0.0092

EPSS Percentile 76.2%

Details

CWE

CWE-119

Status published

Products (26)

libtiff/libtiff 3.4 (11 CPE variants)

libtiff/libtiff 3.5.1

libtiff/libtiff 3.5.2

libtiff/libtiff 3.5.3

libtiff/libtiff 3.5.4

libtiff/libtiff 3.5.5

libtiff/libtiff 3.5.6 (2 CPE variants)

libtiff/libtiff 3.5.7 (6 CPE variants)

libtiff/libtiff 3.6.0 (3 CPE variants)

libtiff/libtiff 3.6.1

... and 16 more

Published Aug 13, 2012

Tracked Since Feb 18, 2026