5
CVE-2005-2452
- EPSS 1.94%
- Veröffentlicht 03.08.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:14:54
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
libtiff up to 3.7.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image header with a zero "YCbCr subsampling" value, which causes a divide-by-zero error in (1) tif_strip.c and (2) tif_tile.c, a different vulnerability than CVE-2004-0804.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.94% | 0.775 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
http://secunia.com/advisories/16266
http://secunia.com/advisories/16486
http://www.mandriva.com/security/advisories?name=MDKSA-2005:142
http://www.mandriva.com/security/advisories?name=MDKSA-2005:143
http://www.mandriva.com/security/advisories?name=MDKSA-2005:144
http://www.securityfocus.com/bid/14417
https://bugzilla.ubuntu.com/show_bug.cgi?id=12008
https://usn.ubuntu.com/156-1/