CVE-2013-4243
published 2013-09-10CVE-2013-4243: Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service…
PriorityP340medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
7.81%
93.9th percentile
Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted height and width values in a GIF image.
Affected
33 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | tiff | < tiff 4.0.3-9 (bookworm) | tiff 4.0.3-9 (bookworm) |
| libtiff | libtiff | <= 4.0.3 | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
CVSS provenance
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM
vendor_debian6.8LOW
vendor_redhat6.8MEDIUM
vendor_ubuntu4.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-4mjh-684p-r652: Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4
ghsa_unreviewed·2022-05-17
CVE-2013-4243 [MEDIUM] CWE-119 GHSA-4mjh-684p-r652: Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4
Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted height and width values in a GIF image.
OSV
tiff vulnerabilities
osv·2014-05-06·CVSS 4.3
CVE-2013-4231 [MEDIUM] tiff vulnerabilities
tiff vulnerabilities
Pedro Ribeiro discovered that LibTIFF incorrectly handled certain
malformed images when using the gif2tiff tool. If a user or automated
system were tricked into opening a specially crafted GIF image, a remote
attacker could crash the application, leading to a denial of service, or
possibly execute arbitrary code with user privileges. This issue only
affected Ubuntu 10.04 LTS, Ubunu 12.04 LTS, Ubuntu 12.10 and Ubuntu 13.10.
(CVE-2013-4231)
Pedro Ribeiro discovered that LibTIFF incorrectly handled certain
malformed images when using the tiff2pdf tool. If a user or automated
system were tricked into opening a specially crafted TIFF image, a remote
attacker could crash the application, leading to a denial of service, or
possibly execute arbitrary code with user privilege
OSV
CVE-2013-4243: Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4
osv·2013-09-10·CVSS 6.8
CVE-2013-4243 [MEDIUM] CVE-2013-4243: Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4
Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted height and width values in a GIF image.
Ubuntu
LibTIFF vulnerabilities
vendor_ubuntu·2014-05-06·CVSS 4.3
CVE-2013-4231 [MEDIUM] LibTIFF vulnerabilities
Title: LibTIFF vulnerabilities
Summary: LibTIFF could be made to crash or run programs as your login if it opened a
specially crafted file.
Pedro Ribeiro discovered that LibTIFF incorrectly handled certain
malformed images when using the gif2tiff tool. If a user or automated
system were tricked into opening a specially crafted GIF image, a remote
attacker could crash the application, leading to a denial of service, or
possibly execute arbitrary code with user privileges. This issue only
affected Ubuntu 10.04 LTS, Ubunu 12.04 LTS, Ubuntu 12.10 and Ubuntu 13.10.
(CVE-2013-4231)
Pedro Ribeiro discovered that LibTIFF incorrectly handled certain
malformed images when using the tiff2pdf tool. If a user or automated
system were tricked into opening a specially crafted TIFF image, a remote
atta
Red Hat
(gif2tiff): possible heap-based buffer overflow in readgifimage()
vendor_redhat·2013-08-14·CVSS 6.8
CVE-2013-4243 [MEDIUM] CWE-122 (gif2tiff): possible heap-based buffer overflow in readgifimage()
(gif2tiff): possible heap-based buffer overflow in readgifimage()
Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted height and width values in a GIF image.
Package: libtiff (Red Hat Enterprise Linux 7) - Not affected
Debian
CVE-2013-4243: tiff - Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in ...
vendor_debian·2013·CVSS 6.8
CVE-2013-4243 [MEDIUM] CVE-2013-4243: tiff - Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in ...
Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted height and width values in a GIF image.
Scope: local
bookworm: resolved (fixed in 4.0.3-9)
bullseye: resolved (fixed in 4.0.3-9)
forky: resolved (fixed in 4.0.3-9)
sid: resolved (fixed in 4.0.3-9)
trixie: resolved (fixed in 4.0.3-9)
No detection rules found.
No public exploits indexed.
arXiv
ShadowBound: Efficient Heap Memory Protection Through Advanced Metadata Management and Customized Compiler Optimization
arxiv_fulltext·2024-09-23
ShadowBound: Efficient Heap Memory Protection Through Advanced Metadata Management and Customized Compiler Optimization
ShadowBound
[1]blue#1
: Efficient Heap Memory Protection Through Advanced Metadata Management and Customized Compiler Optimization -10pt
Zheng Yu
Northwestern University
Ganxiang Yang
Northwestern University
Xinyu Xing
Northwestern University
### Abstract
In software development, the prevalence of unsafe languages such as C and C++ introduces potential vulnerabilities, especially within the heap, a pivotal component for dynamic memory allocation. Despite its significance, heap management complexities have made heap corruption pervasive, posing severe threats to system security. While prior solutions aiming for temporal and spatial memory safety exhibit overheads deemed impractical, we present , a unique heap memory protection design. At its core, is an efficient out-of-bounds defe
Bugzilla
CVE-2013-4231 CVE-2013-4232 CVE-2013-4243 CVE-2013-4244 mingw-libtiff various flaws [fedora-all]
bugzilla·2013-08-14·CVSS 4.3
CVE-2013-4231 [MEDIUM] CVE-2013-4231 CVE-2013-4232 CVE-2013-4243 CVE-2013-4244 mingw-libtiff various flaws [fedora-all]
CVE-2013-4231 CVE-2013-4232 CVE-2013-4243 CVE-2013-4244 mingw-libtiff various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please use the bodhi submission link
noted in the next comment(s). This will include the bug IDs of this
tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
Bodhi notes field when available.
Please n
Bugzilla
CVE-2013-4231 CVE-2013-4232 CVE-2013-4243 CVE-2013-4244 libtiff various flaws [fedora-all]
bugzilla·2013-08-14·CVSS 4.3
CVE-2013-4231 [MEDIUM] CVE-2013-4231 CVE-2013-4232 CVE-2013-4243 CVE-2013-4244 libtiff various flaws [fedora-all]
CVE-2013-4231 CVE-2013-4232 CVE-2013-4243 CVE-2013-4244 libtiff various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please use the bodhi submission link
noted in the next comment(s). This will include the bug IDs of this
tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
Bodhi notes field when available.
Please note: t
Bugzilla
CVE-2013-4243 libtiff (gif2tiff): possible heap-based buffer overflow in readgifimage()
bugzilla·2013-08-12·CVSS 6.8
CVE-2013-4243 [MEDIUM] CVE-2013-4243 libtiff (gif2tiff): possible heap-based buffer overflow in readgifimage()
CVE-2013-4243 libtiff (gif2tiff): possible heap-based buffer overflow in readgifimage()
A possible heap-based buffer overflow flaw was found in the readgifimage() function in gif2tiff, a tool to convert GIF images to TIFF. A remote attacker could provide a specially-crafted GIF file that, when processed by gif2tiff, would cause gif2tiff to crash or, potentially, execute arbitrary code with the privileges of the user running gif2tiff.
Discussion:
Created attachment 786400
Proposed patch
---
Created libtiff tracking bugs for this issue:
Affects: fedora-all [bug 996832]
---
Created mingw-libtiff tracking bugs for this issue:
Affects: fedora-all [bug 996833]
---
Acknowledgements:
This issue was discovered by Murray McAllister of the Red Hat Security Response Team.
---
Comment on
http://bugzilla.maptools.org/show_bug.cgi?id=2451http://rhn.redhat.com/errata/RHSA-2014-0223.htmlhttp://secunia.com/advisories/54543http://secunia.com/advisories/54628http://www.debian.org/security/2013/dsa-2744http://www.securityfocus.com/bid/62082https://bugzilla.redhat.com/show_bug.cgi?id=996052https://security.gentoo.org/glsa/201701-16http://bugzilla.maptools.org/show_bug.cgi?id=2451http://rhn.redhat.com/errata/RHSA-2014-0223.htmlhttp://secunia.com/advisories/54543http://secunia.com/advisories/54628http://www.debian.org/security/2013/dsa-2744http://www.securityfocus.com/bid/62082https://bugzilla.redhat.com/show_bug.cgi?id=996052https://security.gentoo.org/glsa/201701-16
2013-09-10
Published