CVE-2010-4665

Publication date 3 May 2011

Last updated 24 July 2024


Ubuntu priority

Integer overflow in the ReadDirectory function in tiffdump.c in tiffdump in LibTIFF before 3.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF file containing a directory data structure with many directory entries.

Read the notes from the security team

Status

Package Ubuntu Release Status
tiff 11.10 oneiric
Not affected
11.04 natty
Fixed 3.9.4-5ubuntu6.1
10.10 maverick
Fixed 3.9.4-2ubuntu0.5
10.04 LTS lucid
Fixed 3.9.2-2ubuntu0.8
8.04 LTS hardy
Fixed 3.8.2-7ubuntu3.10
6.06 LTS dapper Ignored end of life

Notes


mdeslaur

only affects tiffdump tool

References

Related Ubuntu Security Notices (USN)

Other references