CVE-2012-3401
published 2012-08-13CVE-2012-3401: The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in…
PriorityP336medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
4.07%
89.4th percentile
The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow.
Affected
29 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | tiff | < tiff 4.0.2-2 (bookworm) | tiff 4.0.2-2 (bookworm) |
| libtiff | libtiff | <= 4.0.2 | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
CVSS provenance
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM
vendor_debian6.8MEDIUM
vendor_redhat6.8MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
tiff vulnerability
vendor_ubuntu·2012-07-19
CVE-2012-3401 tiff vulnerability
Title: tiff vulnerability
Summary: tiff2pdf could be made to crash or run programs as your login if it opened
a specially crafted file.
Huzaifa Sidhpurwala discovered that the tiff2pdf utility incorrectly
handled certain malformed TIFF images. If a user or automated system were
tricked into opening a specially crafted TIFF image, a remote attacker
could crash the application, leading to a denial of service, or possibly
execute arbitrary code with user privileges.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
(tiff2pdf): Heap-based buffer overflow due to improper initialization of T2P context struct pointer
vendor_redhat·2012-07-18·CVSS 6.8
CVE-2012-3401 [MEDIUM] CWE-122 (tiff2pdf): Heap-based buffer overflow due to improper initialization of T2P context struct pointer
(tiff2pdf): Heap-based buffer overflow due to improper initialization of T2P context struct pointer
The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow.
Statement: The Red Hat Security Response Team has rated this issue as having moderate security impact. A future libtiff package update may address this issue in Red Hat Enterprise Linux 5 and 6. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
Debian
CVE-2012-3401: tiff - The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 ...
vendor_debian·2012·CVSS 6.8
CVE-2012-3401 [MEDIUM] CVE-2012-3401: tiff - The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 ...
The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow.
Scope: local
bookworm: resolved (fixed in 4.0.2-2)
bullseye: resolved (fixed in 4.0.2-2)
forky: resolved (fixed in 4.0.2-2)
sid: resolved (fixed in 4.0.2-2)
trixie: resolved (fixed in 4.0.2-2)
GHSA
GHSA-j3j5-3pcx-xp73: The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf
ghsa_unreviewed·2022-05-17
CVE-2012-3401 [MEDIUM] CWE-119 GHSA-j3j5-3pcx-xp73: The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf
The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow.
OSV
CVE-2012-3401: The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf
osv·2012-08-13·CVSS 6.8
CVE-2012-3401 [MEDIUM] CVE-2012-3401: The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf
The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2012-4447 CVE-2012-3401 CVE-2012-5581 CVE-2012-4564 libtiff various flaws [fedora-all]
bugzilla·2012-11-28·CVSS 6.8
CVE-2012-4447 [MEDIUM] CVE-2012-4447 CVE-2012-3401 CVE-2012-5581 CVE-2012-4564 libtiff various flaws [fedora-all]
CVE-2012-4447 CVE-2012-3401 CVE-2012-5581 CVE-2012-4564 libtiff various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please use the bodhi submission link
noted in the next comment(s). This will include the bug IDs of this
tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
Bodhi notes field when available.
Please note: t
Bugzilla
CVE-2012-3401 libtiff (tiff2pdf): Heap-based buffer overflow due to improper initialization of T2P context struct pointer [fedora-all]
bugzilla·2012-07-20·CVSS 6.8
CVE-2012-3401 [MEDIUM] CVE-2012-3401 libtiff (tiff2pdf): Heap-based buffer overflow due to improper initialization of T2P context struct pointer [fedora-all]
CVE-2012-3401 libtiff (tiff2pdf): Heap-based buffer overflow due to improper initialization of T2P context struct pointer [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link:
Bugzilla
CVE-2012-3401 libtiff (tiff2pdf): Heap-based buffer overflow due to improper initialization of T2P context struct pointer
bugzilla·2012-07-04·CVSS 6.8
CVE-2012-3401 [MEDIUM] CVE-2012-3401 libtiff (tiff2pdf): Heap-based buffer overflow due to improper initialization of T2P context struct pointer
CVE-2012-3401 libtiff (tiff2pdf): Heap-based buffer overflow due to improper initialization of T2P context struct pointer
A heap-based buffer overflow flaw was found in the way tiff2pdf, a TIFF image to a PDF document conversion tool, of libtiff, a library of functions for manipulating TIFF (Tagged Image File Format) image format files, performed write of TIFF image content into particular PDF document file, when not properly initialized T2P context struct pointer has been provided by tiff2pdf (application requesting the conversion) as one of parameters for the routine performing the write. A remote attacker could provide a specially-crafted TIFF image format file, that when processed by tiff2pdf would lead to tiff2pdf executable crash or, potentially, arbitrary code execution with the pr
http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830http://lists.opensuse.org/opensuse-updates/2012-08/msg00011.htmlhttp://osvdb.org/84090http://rhn.redhat.com/errata/RHSA-2012-1590.htmlhttp://secunia.com/advisories/49938http://secunia.com/advisories/50007http://secunia.com/advisories/50726http://security.gentoo.org/glsa/glsa-201209-02.xmlhttp://www.debian.org/security/2012/dsa-2552http://www.mandriva.com/security/advisories?name=MDVSA-2012:127http://www.openwall.com/lists/oss-security/2012/07/19/1http://www.openwall.com/lists/oss-security/2012/07/19/4http://www.securityfocus.com/bid/54601http://www.ubuntu.com/usn/USN-1511-1http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdfhttps://bugzilla.redhat.com/attachment.cgi?id=596457https://bugzilla.redhat.com/show_bug.cgi?id=837577https://exchange.xforce.ibmcloud.com/vulnerabilities/77088http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830http://lists.opensuse.org/opensuse-updates/2012-08/msg00011.htmlhttp://osvdb.org/84090http://rhn.redhat.com/errata/RHSA-2012-1590.htmlhttp://secunia.com/advisories/49938http://secunia.com/advisories/50007http://secunia.com/advisories/50726http://security.gentoo.org/glsa/glsa-201209-02.xmlhttp://www.debian.org/security/2012/dsa-2552http://www.mandriva.com/security/advisories?name=MDVSA-2012:127http://www.openwall.com/lists/oss-security/2012/07/19/1http://www.openwall.com/lists/oss-security/2012/07/19/4http://www.securityfocus.com/bid/54601http://www.ubuntu.com/usn/USN-1511-1http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdfhttps://bugzilla.redhat.com/attachment.cgi?id=596457https://bugzilla.redhat.com/show_bug.cgi?id=837577https://exchange.xforce.ibmcloud.com/vulnerabilities/77088
2012-08-13
Published