CVE-2011-1167 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Tiff

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122 — Heap-based Buffer Overflow10 documents7 sources

Severity

6.8MEDIUMNVD

EPSS

5.5%

top 9.73%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Tiff Libtiff

Timeline

PublishedMar 28

Latest updateMay 14

Description

Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages2 packages

▶NVDlibtiff/libtiff3.9.4+24

▶debiandebian/tiff< tiff 3.9.4-9 (bookworm)

Patches

Patch: bugzilla.maptools.org ↗Patch: bugzilla.redhat.com ↗Patch: bugzilla.maptools.org ↗

🔴Vulnerability Details

GHSA

GHSA-p8f5-w48m-rr6p: Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder↗2022-05-14

▶

OSV

CVE-2011-1167: Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder↗2011-03-28

▶

📋Vendor Advisories

Ubuntu

tiff vulnerability↗2011-04-04

▶

Red Hat

libtiff: heap-based buffer overflow in thunder decoder (ZDI-11-107)↗2011-03-21

▶

Debian

CVE-2011-1167: tiff - Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thund...↗2011

▶

💬Community

Bugzilla

CVE-2011-2983 Mozilla: Private data leakage using RegExp.input↗2011-08-14

▶

Bugzilla

CVE-2011-1167 libtiff: heap-based buffer overflow in thunder decoder (ZDI-CAN-1004) [fedora-all]↗2011-03-21

▶

Bugzilla

CVE-2011-1167 libtiff: heap-based buffer overflow in thunder decoder (ZDI-CAN-1004) [fedora-all]↗2011-03-21

▶

Bugzilla

CVE-2011-1167 libtiff: heap-based buffer overflow in thunder decoder (ZDI-11-107)↗2011-03-14

▶