CVE-2009-2347
published 2009-07-14CVE-2009-2347: Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute…
PriorityP342critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
4.15%
89.6th percentile
Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large (1) width and (2) height values, which triggers a heap-based buffer overflow in the (a) cvt_whole_image function in tiff2rgba and (b) tiffcvt function in rgb2ycbcr.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | tiff | < tiff 3.8.2-13 (bookworm) | tiff 3.8.2-13 (bookworm) |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
CVSS provenance
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
osv9.3CRITICAL
vendor_debian9.3CRITICAL
vendor_redhat9.3CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
libtiff: integer overflows in various inter-color spaces conversion tools (crash, ACE)
vendor_redhat·2009-07-13·CVSS 9.3
CVE-2009-2347 [CRITICAL] CWE-190 libtiff: integer overflows in various inter-color spaces conversion tools (crash, ACE)
libtiff: integer overflows in various inter-color spaces conversion tools (crash, ACE)
Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large (1) width and (2) height values, which triggers a heap-based buffer overflow in the (a) cvt_whole_image function in tiff2rgba and (b) tiffcvt function in rgb2ycbcr.
Ubuntu
tiff vulnerability
vendor_ubuntu·2009-07-13
CVE-2009-2347 tiff vulnerability
Title: tiff vulnerability
Summary: tiff vulnerability
Tielei Wang and Tom Lane discovered that the TIFF library did not correctly
handle certain malformed TIFF images. If a user or automated system were
tricked into processing a malicious image, an attacker could execute
arbitrary code with the privileges of the user invoking the program.
Instructions: In general, a standard system upgrade is sufficient to effect the
necessary changes.
Debian
CVE-2009-2347: tiff - Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8...
vendor_debian·2009·CVSS 9.3
CVE-2009-2347 [CRITICAL] CVE-2009-2347: tiff - Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8...
Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large (1) width and (2) height values, which triggers a heap-based buffer overflow in the (a) cvt_whole_image function in tiff2rgba and (b) tiffcvt function in rgb2ycbcr.
Scope: local
bookworm: resolved (fixed in 3.8.2-13)
bullseye: resolved (fixed in 3.8.2-13)
forky: resolved (fixed in 3.8.2-13)
sid: resolved (fixed in 3.8.2-13)
trixie: resolved (fixed in 3.8.2-13)
GHSA
GHSA-vf2q-hvf8-f62h: Multiple integer overflows in inter-color spaces conversion tools in libtiff 3
ghsa_unreviewed·2022-05-02
CVE-2009-2347 [HIGH] GHSA-vf2q-hvf8-f62h: Multiple integer overflows in inter-color spaces conversion tools in libtiff 3
Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large (1) width and (2) height values, which triggers a heap-based buffer overflow in the (a) cvt_whole_image function in tiff2rgba and (b) tiffcvt function in rgb2ycbcr.
OSV
CVE-2009-2347: Multiple integer overflows in inter-color spaces conversion tools in libtiff 3
osv·2009-07-14·CVSS 9.3
CVE-2009-2347 [CRITICAL] CVE-2009-2347: Multiple integer overflows in inter-color spaces conversion tools in libtiff 3
Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large (1) width and (2) height values, which triggers a heap-based buffer overflow in the (a) cvt_whole_image function in tiff2rgba and (b) tiffcvt function in rgb2ycbcr.
No detection rules found.
No public exploits indexed.
http://article.gmane.org/gmane.linux.debian.devel.changes.unstable/178563/http://bugzilla.maptools.org/show_bug.cgi?id=2079http://osvdb.org/55821http://osvdb.org/55822http://secunia.com/advisories/35811http://secunia.com/advisories/35817http://secunia.com/advisories/35866http://secunia.com/advisories/35883http://secunia.com/advisories/35911http://secunia.com/advisories/36194http://secunia.com/advisories/50726http://security.gentoo.org/glsa/glsa-200908-03.xmlhttp://security.gentoo.org/glsa/glsa-201209-02.xmlhttp://www.debian.org/security/2009/dsa-1835http://www.mandriva.com/security/advisories?name=MDVSA-2009:150http://www.mandriva.com/security/advisories?name=MDVSA-2011:043http://www.ocert.org/advisories/ocert-2009-012.htmlhttp://www.redhat.com/support/errata/RHSA-2009-1159.htmlhttp://www.securityfocus.com/archive/1/504892/100/0/threadedhttp://www.securityfocus.com/bid/35652http://www.securitytracker.com/id?1022539http://www.ubuntu.com/usn/USN-801-1http://www.vupen.com/english/advisories/2009/1870http://www.vupen.com/english/advisories/2011/0621https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-2347https://exchange.xforce.ibmcloud.com/vulnerabilities/51688https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10988https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00663.htmlhttps://www.redhat.com/archives/fedora-package-announce/2009-July/msg00724.htmlhttp://article.gmane.org/gmane.linux.debian.devel.changes.unstable/178563/http://bugzilla.maptools.org/show_bug.cgi?id=2079http://osvdb.org/55821http://osvdb.org/55822http://secunia.com/advisories/35811http://secunia.com/advisories/35817http://secunia.com/advisories/35866http://secunia.com/advisories/35883http://secunia.com/advisories/35911http://secunia.com/advisories/36194http://secunia.com/advisories/50726http://security.gentoo.org/glsa/glsa-200908-03.xmlhttp://security.gentoo.org/glsa/glsa-201209-02.xmlhttp://www.debian.org/security/2009/dsa-1835http://www.mandriva.com/security/advisories?name=MDVSA-2009:150http://www.mandriva.com/security/advisories?name=MDVSA-2011:043http://www.ocert.org/advisories/ocert-2009-012.htmlhttp://www.redhat.com/support/errata/RHSA-2009-1159.htmlhttp://www.securityfocus.com/archive/1/504892/100/0/threadedhttp://www.securityfocus.com/bid/35652http://www.securitytracker.com/id?1022539http://www.ubuntu.com/usn/USN-801-1http://www.vupen.com/english/advisories/2009/1870http://www.vupen.com/english/advisories/2011/0621https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-2347https://exchange.xforce.ibmcloud.com/vulnerabilities/51688https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10988https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00663.htmlhttps://www.redhat.com/archives/fedora-package-announce/2009-July/msg00724.html
2009-07-14
Published