Candidate: CVE-2010-2443
PublicDate: 2010-06-24 17:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2443
 http://marc.info/?l=oss-security&m=127731610612908&w=2
Description:
 The OJPEGReadBufferFill function in tif_ojpeg.c in LibTIFF before 3.9.3
 allows remote attackers to cause a denial of service (NULL pointer
 dereference and application crash) via an OJPEG image with undefined strip
 offsets, related to the TIFFVGetField function.
Ubuntu-Description:
Notes:
 mdeslaur> lucid was fixed in same patch as CVE-2010-2065
Bugs:
 https://bugs.launchpad.net/ubuntu/lucid/+source/tiff/+bug/589145
 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-2443
Priority: low
Discovered-by:
Assigned-to:
CVSS:

Patches_tiff:
upstream_tiff: released (3.9.3)
dapper_tiff: not-affected (3.7.4-1ubuntu3.8)
hardy_tiff: not-affected (3.8.2-7ubuntu3.6)
jaunty_tiff: ignored (reached end-of-life)
karmic_tiff: not-affected (3.8.2-13ubuntu0.3)
lucid_tiff: released (3.9.2-2ubuntu0.3)
maverick_tiff: not-affected (3.9.4-2)
devel_tiff: not-affected (3.9.4-5)