CVE-2010-2630

Priority
Description
The TIFFReadDirectory function in LibTIFF 3.9.0 does not properly validate
the data types of codec-specific tags that have an out-of-order position in
a TIFF file, which allows remote attackers to cause a denial of service
(application crash) via a crafted file, a different vulnerability than
CVE-2010-2481.
Notes
mdeslaursame reproducer as CVE-2010-2481
fixes regression in CVE-2010-2481 patch
Package
Source: tiff (LP Ubuntu Debian)
Upstream:needs-triage
Patches:
Upstream:r1.92.2.13
More Information

Updated: 2020-03-18 22:03:33 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)