cbcvebase.
CVE-2012-2113
published 2012-07-22

CVE-2012-2113: Multiple integer overflows in tiff2pdf in libtiff before 4.0.2 allow remote attackers to cause a denial of service (application crash) or possibly execute…

PriorityP335medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
5.55%
91.9th percentile
Multiple integer overflows in tiff2pdf in libtiff before 4.0.2 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.

Affected

29 ranges· showing 25
VendorProductVersion rangeFixed in
debiantiff< tiff 4.0.2-1 (bookworm)tiff 4.0.2-1 (bookworm)
libtifflibtiff<= 4.0.1
libtifflibtiff
libtifflibtiff
libtifflibtiff
libtifflibtiff
libtifflibtiff
libtifflibtiff
libtifflibtiff
libtifflibtiff
libtifflibtiff
libtifflibtiff
libtifflibtiff
libtifflibtiff
libtifflibtiff
libtifflibtiff
libtifflibtiff
libtifflibtiff
libtifflibtiff
libtifflibtiff
libtifflibtiff
libtifflibtiff
libtifflibtiff
libtifflibtiff
libtifflibtiff

CVSS provenance

nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM
vendor_ubuntu7.5HIGH
vendor_debian6.8MEDIUM
vendor_redhat6.8MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.