Test ID:
Category: SuSE Local Security Checks
Title: SUSE: Security Advisory (SUSE-SU-2013:1639-1)
Summary: The remote host is missing an update for the 'libtiff' package(s) announced via the SUSE-SU-2013:1639-1 advisory.

Vulnerability Insight:
This tiff LTSS roll up update fixes several security issues.

* CVE-2013-4232 CVE-2013-4231: buffer overflows/use after free problem
* CVE-2013-4243: libtiff (gif2tiff): heap-based buffer overflow in readgifimage()
* CVE-2013-4244: libtiff (gif2tiff): OOB Write in LZW decompressor
* CVE-2013-1961: Stack-based buffer overflow with malformed image-length and resolution
* CVE-2013-1960: Heap-based buffer overflow in t2_process_jpeg_strip()
* CVE-2012-4447: Heap-buffer overflow when processing a TIFF image with PixarLog Compression
* CVE-2012-4564: Added a ppm2tiff missing return value check
* CVE-2012-5581: Fixed stack-based buffer overflow when handling DOTRANGE tags
* CVE-2012-3401: Fixed heap-based buffer overflow due to improper initialization of T2P context struct pointer
* CVE-2012-2113: integer overflow leading to heap-based buffer overflow when parsing crafted tiff files
* Another heap-based memory corruption in the tiffp2s commandline tool has been fixed [bnc#788741]
* CVE-2012-2088: A type conversion flaw in libtiff has been fixed.
* CVE-2012-1173: A heap-based buffer overflow in TIFFReadRGBAImageOriented was fixed.

Security Issue references:

* CVE-2012-1173
* CVE-2012-2088
* CVE-2012-2113
* CVE-2012-3401
* CVE-2012-4447
* CVE-2012-4564
* CVE-2012-5581
* CVE-2013-1960
* CVE-2013-1961
* CVE-2013-4231
* CVE-2013-4232
* CVE-2013-4243
* CVE-2013-4244

Affected Software/OS:
'libtiff' package(s) on SUSE Linux Enterprise Server 10 SP3.

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2012-1173
BugTraq ID: 52891
Debian Security Information: DSA-2447
RedHat Security Advisories: RHSA-2012:0468
SuSE Security Announcement: openSUSE-SU-2012:0539
XForce ISS Database: libtiff-gttileseparate-bo(74656)
Common Vulnerability Exposure (CVE) ID: CVE-2012-2088
BugTraq ID: 54270
RedHat Security Advisories: RHSA-2012:1054
SuSE Security Announcement: SUSE-SU-2012:0894
SuSE Security Announcement: openSUSE-SU-2012:0829
Common Vulnerability Exposure (CVE) ID: CVE-2012-2113
BugTraq ID: 54076
Debian Security Information: DSA-2552
Common Vulnerability Exposure (CVE) ID: CVE-2012-3401
BugTraq ID: 54601
RedHat Security Advisories: RHSA-2012:1590
SuSE Security Announcement: openSUSE-SU-2012:0955
XForce ISS Database: libtiff-t2preadtiffinit-bo(77088)
Common Vulnerability Exposure (CVE) ID: CVE-2012-4447
BugTraq ID: 55673
Debian Security Information: DSA-2561
SuSE Security Announcement: openSUSE-SU-2013:0187
Common Vulnerability Exposure (CVE) ID: CVE-2012-4564
BugTraq ID: 56372
Debian Security Information: DSA-2575
XForce ISS Database: libtiff-ppm2tiff-bo(79750)
Common Vulnerability Exposure (CVE) ID: CVE-2012-5581
BugTraq ID: 56715
Debian Security Information: DSA-2589
XForce ISS Database: libtiff-dotrange-bo(80339)
Common Vulnerability Exposure (CVE) ID: CVE-2013-1960
BugTraq ID: 59609
Debian Security Information: DSA-2698
RedHat Security Advisories: RHSA-2014:0223
SuSE Security Announcement: openSUSE-SU-2013:0922
SuSE Security Announcement: openSUSE-SU-2013:0944
Common Vulnerability Exposure (CVE) ID: CVE-2013-1961
BugTraq ID: 59607
Common Vulnerability Exposure (CVE) ID: CVE-2013-4231
BugTraq ID: 61695
Debian Security Information: DSA-2744
Common Vulnerability Exposure (CVE) ID: CVE-2013-4232
Common Vulnerability Exposure (CVE) ID: CVE-2013-4243
BugTraq ID: 62082
Common Vulnerability Exposure (CVE) ID: CVE-2013-4244
Copyright: Copyright (C) 2021 Greenbone Networks GmbH

© 1998-2022 E-Soft Inc. All rights reserved.