CVE-2011-0192Improper Restriction of Operations within the Bounds of a Memory Buffer in Tiff

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer10 documents7 sources
Severity
9.3CRITICALNVD
EPSS
9.4%
top 7.21%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Debian TiffApple Itunes
Timeline
PublishedMar 3
Latest updateMay 17

Description

Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h. NOTE: some of these details are obtained from third party information.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDapple/itunes10.1.2+64
debiandebian/tiff< tiff 3.9.4-7 (bookworm)

Patches

Patch: lists.apple.comPatch: lists.apple.com

🔴Vulnerability Details

2
GHSA
GHSA-8jmv-mmc9-gx7j: Buffer overflow in Fax4Decode in LibTIFF 32022-05-17
OSV
CVE-2011-0192: Buffer overflow in Fax4Decode in LibTIFF 32011-03-03

📋Vendor Advisories

3
Ubuntu
tiff vulnerabilities2011-03-07
Red Hat
libtiff: buffer overflow in Fax4Decode2011-03-02
Debian
CVE-2011-0192: tiff - Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as u...2011

💬Community

4
Bugzilla
CVE-2011-4575 JMX Console: XSS in invoke operation2011-12-06
Bugzilla
Regression in libtiff due to CVE-2011-0192 fix2011-03-18
Bugzilla
CVE-2011-0192 libtiff: buffer overflow in Fax4Decode [fedora-all]2011-03-02
Bugzilla
CVE-2011-0192 libtiff: buffer overflow in Fax4Decode2011-02-18