CVE-2009-2347 — Integer Overflow or Wraparound in Tiff

CWE-189 CWE-190 — Integer Overflow or Wraparound7 documents7 sources

Severity

9.3CRITICALNVD

EPSS

1.1%

top 22.33%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Tiff Libtiff

Timeline

PublishedJul 14

Latest updateMay 2

Description

Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large (1) width and (2) height values, which triggers a heap-based buffer overflow in the (a) cvt_whole_image function in tiff2rgba and (b) tiffcvt function in rgb2ycbcr.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

▶NVDlibtiff/libtiff5 versions+4

▶debiandebian/tiff< tiff 3.8.2-13 (bookworm)

Patches

Patch: article.gmane.org ↗Patch: bugzilla.maptools.org ↗Patch: www.mandriva.com ↗

🔴Vulnerability Details

GHSA

GHSA-vf2q-hvf8-f62h: Multiple integer overflows in inter-color spaces conversion tools in libtiff 3↗2022-05-02

▶

OSV

CVE-2009-2347: Multiple integer overflows in inter-color spaces conversion tools in libtiff 3↗2009-07-14

▶

📋Vendor Advisories

Red Hat

libtiff: integer overflows in various inter-color spaces conversion tools (crash, ACE)↗2009-07-13

▶

Ubuntu

tiff vulnerability↗2009-07-13

▶

Debian

CVE-2009-2347: tiff - Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8...↗2009

▶

💬Community

Bugzilla

CVE-2009-2347 libtiff: integer overflows in various inter-color spaces conversion tools (crash, ACE)↗2009-07-07

▶