4.3
CVE-2010-2630
- EPSS 4.95%
- Veröffentlicht 06.07.2010 17:17:20
- Zuletzt bearbeitet 16.06.2026 23:21:06
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The TIFFReadDirectory function in LibTIFF 3.9.0 does not properly validate the data types of codec-specific tags that have an out-of-order position in a TIFF file, which allows remote attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2010-2481.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.95% | 0.911 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://secunia.com/advisories/50726
http://security.gentoo.org/glsa/glsa-201209-02.xml
http://www.debian.org/security/2012/dsa-2552
http://bugzilla.maptools.org/show_bug.cgi?id=2210
https://bugzilla.redhat.com/show_bug.cgi?id=554371