Launchpad.net

CVE 2010-2630

The TIFFReadDirectory function in LibTIFF 3.9.0 does not properly validate the data types of codec-specific tags that have an out-of-order position in a TIFF file, which allows remote attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2010-2481.

Related bugs and status

CVE-2010-2630 (Candidate) is related to these bugs:

Bug #591605: eog crashed with SIGSEGV in TIFFRGBAImageGet()

		In	Importance	Status
591605	eog crashed with SIGSEGV in TIFFRGBAImageGet()	tiff (Ubuntu)	Medium	Fix Released
591605	eog crashed with SIGSEGV in TIFFRGBAImageGet()	tiff (Ubuntu Lucid)	Medium	Fix Released
591605	eog crashed with SIGSEGV in TIFFRGBAImageGet()	tiff (Ubuntu Maverick)	Medium	Fix Released
591605	eog crashed with SIGSEGV in TIFFRGBAImageGet()	LibTIFF	Medium	Fix Released
591605	eog crashed with SIGSEGV in TIFFRGBAImageGet()	tiff (Debian)	Unknown	Fix Released

Bug #593067: eog crashed with SIGSEGV in __memset_sse2()

Summary				In	Importance	Status
	593067	eog crashed with SIGSEGV in __memset_sse2()		tiff (Ubuntu)	Medium	Fix Released

Bug #597246: eog crashed with SIGSEGV in TIFFVGetField()

Summary				In	Importance	Status
	597246	eog crashed with SIGSEGV in TIFFVGetField()		tiff (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2010-2630

Related bugs and status

Related bugs

References