QwikSec

Security Database

CVE

CWE

Training

CVE-2012-4564

Published: Nov 11, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based buffer overflow.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_DEBIAN

vdb-entry

x_refsource_OSVDB

https://bugzilla.redhat.com/show_bug.cgi?id=871700

x_refsource_CONFIRM

[oss-security] 20121102 libtiff: Missing return value check in ppm2tiff leading to heap-buffer overflow when reading a tiff file

mailing-list

x_refsource_MLIST

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_UBUNTU

openSUSE-SU-2013:0187

vendor-advisory

x_refsource_SUSE

libtiff-ppm2tiff-bo(79750)

vdb-entry

x_refsource_XF

[oss-security] 20121102 Re: libtiff: Missing return value check in ppm2tiff leading to heap-buffer overflow when reading a tiff file

mailing-list

x_refsource_MLIST

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.