CVE-2010-2482

Published: 06 July 2010

LibTIFF 3.9.4 and earlier does not properly handle an invalid td_stripbytecount field, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted TIFF file, a different vulnerability than CVE-2010-2443.

Priority

Low

Status

Package Release Status
tiff
Launchpad, Ubuntu, Debian
Upstream Needs triage

Patches:
upstream: r1.24.2.7, r1.14.2.5