CVE-2010-2065 CVE-2010-2443 Integer Overflow and DoS Vulnerabilities in libtiff
By chandan on Feb 08, 2012
|CVE Description||CVSSv2 Base Score||Component||Product and Resolution|
|CVE-2010-2065 Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3\nmay allow remote users to cause a Denial of Service (DoS - application\ncrash) or possibly execute arbitrary code.\n||6.8||libtiff||
|CVE-2010-2443 NULL pointer derefence in the OJPEGReadBufferFill function in\ntif_ojpeg.c in LibTIFF may remote users to cause a Denial of Service\n(DoS - application crash).\n||5.0|
This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.
Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.