CVE-2010-2065 CVE-2010-2443 Integer Overflow and DoS Vulnerabilities in libtiff

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2010-2065 Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3\nmay allow remote users to cause a Denial of Service (DoS - application\ncrash) or possibly execute arbitrary code.\n 6.8 libtiff
Solaris 8 SPARC: 139093-02 X86: 139094-02
Solaris 9 SPARC: 125673-04 X86: 125674-04
Solaris 10 SPARC: 119900-11 X86: 119901-10
OpenSolaris snv_111b plus bug fix for 6970794
CVE-2010-2443 NULL pointer derefence in the OJPEGReadBufferFill function in\ntif_ojpeg.c in LibTIFF may remote users to cause a Denial of Service\n(DoS - application crash).\n 5.0

This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.
Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Comments:

Post a Comment:
Comments are closed for this entry.
About

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
2
3
4
5
6
7
8
9
10
11
12
13
14
16
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today