English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.72419
Category:Gentoo Local Security Checks
Title:Gentoo Security Advisory GLSA 201209-02 (tiff)
Summary:The remote host is missing updates announced in;advisory GLSA 201209-02.
Description:Summary:
The remote host is missing updates announced in
advisory GLSA 201209-02.

Vulnerability Insight:
Multiple vulnerabilities in libTIFF could result in execution of
arbitrary code or Denial of Service.

Solution:
All libTIFF 4.0 users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=media-libs/tiff-4.0.2-r1'


All libTIFF 3.9 users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=media-libs/tiff-3.9.5-r2'

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2009-2347
BugTraq ID: 35652
http://www.securityfocus.com/bid/35652
Bugtraq: 20090713 [oCERT-2009-012] libtiff tools integer overflows (Google Search)
http://www.securityfocus.com/archive/1/504892/100/0/threaded
Debian Security Information: DSA-1835 (Google Search)
http://www.debian.org/security/2009/dsa-1835
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00663.html
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00724.html
http://security.gentoo.org/glsa/glsa-200908-03.xml
http://security.gentoo.org/glsa/glsa-201209-02.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2009:150
http://www.mandriva.com/security/advisories?name=MDVSA-2011:043
http://www.ocert.org/advisories/ocert-2009-012.html
http://osvdb.org/55821
http://osvdb.org/55822
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10988
http://www.redhat.com/support/errata/RHSA-2009-1159.html
http://www.securitytracker.com/id?1022539
http://secunia.com/advisories/35811
http://secunia.com/advisories/35817
http://secunia.com/advisories/35866
http://secunia.com/advisories/35883
http://secunia.com/advisories/35911
http://secunia.com/advisories/36194
http://secunia.com/advisories/50726
http://www.ubuntu.com/usn/USN-801-1
http://www.vupen.com/english/advisories/2009/1870
http://www.vupen.com/english/advisories/2011/0621
XForce ISS Database: libtiff-rgb2ycbcr-tiff2rgba-bo(51688)
https://exchange.xforce.ibmcloud.com/vulnerabilities/51688
Common Vulnerability Exposure (CVE) ID: CVE-2009-5022
1025380
http://securitytracker.com/id?1025380
44271
http://secunia.com/advisories/44271
47338
http://www.securityfocus.com/bid/47338
50726
ADV-2011-1014
http://www.vupen.com/english/advisories/2011/1014
ADV-2011-1082
http://www.vupen.com/english/advisories/2011/1082
DSA-2256
http://www.debian.org/security/2011/dsa-2256
FEDORA-2011-5304
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058478.html
GLSA-201209-02
MDVSA-2011:078
http://www.mandriva.com/security/advisories?name=MDVSA-2011:078
RHSA-2011:0452
http://www.redhat.com/support/errata/RHSA-2011-0452.html
USN-1120-1
http://www.ubuntu.com/usn/USN-1120-1
[oss-security] 20110412 libtiff CVE assignments
http://openwall.com/lists/oss-security/2011/04/12/10
http://bugzilla.maptools.org/show_bug.cgi?id=1999
http://www.remotesensing.org/libtiff/v3.9.5.html
https://bugzilla.redhat.com/show_bug.cgi?id=695885
libtiff-ojpeg-bo(66774)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66774
Common Vulnerability Exposure (CVE) ID: CVE-2010-1411
http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html
http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html
BugTraq ID: 40823
http://www.securityfocus.com/bid/40823
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043769.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043835.html
http://marc.info/?l=oss-security&m=127731610612908&w=2
http://www.redhat.com/support/errata/RHSA-2010-0519.html
http://www.redhat.com/support/errata/RHSA-2010-0520.html
http://securitytracker.com/id?1024103
http://secunia.com/advisories/40181
http://secunia.com/advisories/40196
http://secunia.com/advisories/40220
http://secunia.com/advisories/40381
http://secunia.com/advisories/40478
http://secunia.com/advisories/40527
http://secunia.com/advisories/40536
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.596424
SuSE Security Announcement: SUSE-SR:2010:014 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
http://www.ubuntu.com/usn/USN-954-1
http://www.vupen.com/english/advisories/2010/1435
http://www.vupen.com/english/advisories/2010/1481
http://www.vupen.com/english/advisories/2010/1512
http://www.vupen.com/english/advisories/2010/1638
http://www.vupen.com/english/advisories/2010/1731
http://www.vupen.com/english/advisories/2010/1761
Common Vulnerability Exposure (CVE) ID: CVE-2010-2065
40181
40381
ADV-2010-1638
ADV-2011-0204
http://www.vupen.com/english/advisories/2011/0204
ADV-2011-0621
MDVSA-2011:043
SSA:2010-180-02
USN-954-1
[oss-security] 20100623 CVE requests: LibTIFF
http://blogs.sun.com/security/entry/cve_2010_2065_cve_2010
http://www.remotesensing.org/libtiff/v3.9.3.html
https://bugs.launchpad.net/ubuntu/+source/tiff/+bug/589565
https://bugzilla.redhat.com/show_bug.cgi?id=601274
Common Vulnerability Exposure (CVE) ID: CVE-2010-2067
20100621 Multiple Vendor LibTIFF 3.9.2 Stack Buffer Overflow Vulnerability
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=874
40241
http://secunia.com/advisories/40241
65676
http://osvdb.org/65676
SUSE-SR:2010:014
http://bugzilla.maptools.org/show_bug.cgi?id=2212
http://www.remotesensing.org/libtiff/v3.9.4.html
https://bugzilla.redhat.com/show_bug.cgi?id=599576
Common Vulnerability Exposure (CVE) ID: CVE-2010-2233
1024150
http://securitytracker.com/id?1024150
40422
http://secunia.com/advisories/40422
http://bugzilla.maptools.org/show_bug.cgi?id=2207
https://bugzilla.redhat.com/show_bug.cgi?id=583081
https://bugzilla.redhat.com/show_bug.cgi?id=607198
Common Vulnerability Exposure (CVE) ID: CVE-2010-2443
http://marc.info/?l=oss-security&m=127736307002102&w=2
http://marc.info/?l=oss-security&m=127781315415896&w=2
Common Vulnerability Exposure (CVE) ID: CVE-2010-2481
40527
ADV-2010-1761
RHSA-2010:0519
[oss-security] 20100624 Re: CVE requests: LibTIFF
http://marc.info/?l=oss-security&m=127738540902757&w=2
[oss-security] 20100629 Re: CVE requests: LibTIFF
[oss-security] 20100630 Re: CVE requests: LibTIFF
http://www.openwall.com/lists/oss-security/2010/06/30/22
[oss-security] 20100701 Re: CVE requests: LibTIFF
http://marc.info/?l=oss-security&m=127797353202873&w=2
http://bugzilla.maptools.org/show_bug.cgi?id=2210
Common Vulnerability Exposure (CVE) ID: CVE-2010-2482
DSA-2552
http://www.debian.org/security/2012/dsa-2552
http://bugzilla.maptools.org/show_bug.cgi?id=1996
https://bugs.launchpad.net/bugs/597246
https://bugzilla.redhat.com/show_bug.cgi?id=603024
https://bugzilla.redhat.com/show_bug.cgi?id=608010
Common Vulnerability Exposure (CVE) ID: CVE-2010-2483
http://bugzilla.maptools.org/show_bug.cgi?id=2216
https://bugs.launchpad.net/ubuntu/+source/tiff/+bug/591605
https://bugzilla.redhat.com/show_bug.cgi?id=603081
Common Vulnerability Exposure (CVE) ID: CVE-2010-2595
Debian Security Information: DSA-2552 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2010-2596
Common Vulnerability Exposure (CVE) ID: CVE-2010-2597
Common Vulnerability Exposure (CVE) ID: CVE-2010-2630
Common Vulnerability Exposure (CVE) ID: CVE-2010-2631
Common Vulnerability Exposure (CVE) ID: CVE-2010-3087
SUSE-SR:2010:017
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html
http://blackberry.com/btsc/KB27244
http://support.novell.com/security/cve/CVE-2010-3087.html
https://bugzilla.novell.com/show_bug.cgi?id=624215
Common Vulnerability Exposure (CVE) ID: CVE-2010-4665
SUSE-SR:2011:009
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
USN-1416-1
http://ubuntu.com/usn/usn-1416-1
http://bugzilla.maptools.org/show_bug.cgi?id=2218
https://bugzilla.redhat.com/show_bug.cgi?id=695887
Common Vulnerability Exposure (CVE) ID: CVE-2011-0192
http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html
http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html
http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html
http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html
BugTraq ID: 46658
http://www.securityfocus.com/bid/46658
Debian Security Information: DSA-2210 (Google Search)
http://www.debian.org/security/2011/dsa-2210
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html
http://www.redhat.com/support/errata/RHSA-2011-0318.html
http://www.securitytracker.com/id?1025153
http://secunia.com/advisories/43585
http://secunia.com/advisories/43593
http://secunia.com/advisories/43664
http://secunia.com/advisories/43934
http://secunia.com/advisories/44117
http://secunia.com/advisories/44135
http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820
SuSE Security Announcement: SUSE-SR:2011:005 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
SuSE Security Announcement: SUSE-SR:2011:009 (Google Search)
http://www.vupen.com/english/advisories/2011/0551
http://www.vupen.com/english/advisories/2011/0599
http://www.vupen.com/english/advisories/2011/0845
http://www.vupen.com/english/advisories/2011/0905
http://www.vupen.com/english/advisories/2011/0930
http://www.vupen.com/english/advisories/2011/0960
Common Vulnerability Exposure (CVE) ID: CVE-2011-1167
1025257
http://www.securitytracker.com/id?1025257
20110321 ZDI-11-107: Libtiff ThunderCode Decoder THUNDER_2BITDELTAS Remote Code Execution Vulnerability
http://www.securityfocus.com/archive/1/517101/100/0/threaded
43900
http://secunia.com/advisories/43900
43934
43974
http://secunia.com/advisories/43974
44117
44135
46951
http://www.securityfocus.com/bid/46951
71256
http://www.osvdb.org/71256
8165
http://securityreason.com/securityalert/8165
ADV-2011-0795
http://www.vupen.com/english/advisories/2011/0795
ADV-2011-0845
ADV-2011-0859
http://www.vupen.com/english/advisories/2011/0859
ADV-2011-0860
http://www.vupen.com/english/advisories/2011/0860
ADV-2011-0905
ADV-2011-0930
ADV-2011-0960
APPLE-SA-2012-02-01-1
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
APPLE-SA-2012-05-09-1
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
APPLE-SA-2012-09-19-1
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
DSA-2210
FEDORA-2011-3827
FEDORA-2011-3836
MDVSA-2011:064
http://www.mandriva.com/security/advisories?name=MDVSA-2011:064
RHSA-2011:0392
http://www.redhat.com/support/errata/RHSA-2011-0392.html
SSA:2011-098-01
USN-1102-1
http://ubuntu.com/usn/usn-1102-1
http://bugzilla.maptools.org/show_bug.cgi?id=2300
http://support.apple.com/kb/HT5130
http://support.apple.com/kb/HT5281
http://support.apple.com/kb/HT5503
http://www.zerodayinitiative.com/advisories/ZDI-11-107
https://bugzilla.redhat.com/show_bug.cgi?id=684939
libtiff-thundercode-decoder-bo(66247)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66247
Common Vulnerability Exposure (CVE) ID: CVE-2012-1173
1026895
http://www.securitytracker.com/id?1026895
48684
http://secunia.com/advisories/48684
48722
http://secunia.com/advisories/48722
48735
http://secunia.com/advisories/48735
48757
http://secunia.com/advisories/48757
48893
http://secunia.com/advisories/48893
52891
http://www.securityfocus.com/bid/52891
81025
http://www.osvdb.org/81025
APPLE-SA-2012-09-19-2
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
DSA-2447
http://www.debian.org/security/2012/dsa-2447
FEDORA-2012-5406
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078403.html
FEDORA-2012-5410
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078835.html
FEDORA-2012-5463
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077463.html
MDVSA-2012:054
http://www.mandriva.com/security/advisories?name=MDVSA-2012:054
RHSA-2012:0468
http://rhn.redhat.com/errata/RHSA-2012-0468.html
http://bugzilla.maptools.org/attachment.cgi?id=477&action=diff
http://bugzilla.maptools.org/show_bug.cgi?id=2369
http://home.gdal.org/private/zdi-can-1221/zdi-can-1221.txt
http://support.apple.com/kb/HT5501
https://downloads.avaya.com/css/P8/documents/100161772
libtiff-gttileseparate-bo(74656)
https://exchange.xforce.ibmcloud.com/vulnerabilities/74656
openSUSE-SU-2012:0539
https://hermes.opensuse.org/messages/14302713
Common Vulnerability Exposure (CVE) ID: CVE-2012-2088
49686
http://secunia.com/advisories/49686
54270
http://www.securityfocus.com/bid/54270
APPLE-SA-2013-03-14-1
http://lists.apple.com/archives/security-announce/2013/Mar/msg00002.html
MDVSA-2012:101
http://www.mandriva.com/security/advisories?name=MDVSA-2012:101
RHSA-2012:1054
http://rhn.redhat.com/errata/RHSA-2012-1054.html
SUSE-SU-2012:0894
http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00010.html
http://support.apple.com/kb/HT6162
http://support.apple.com/kb/HT6163
https://bugzilla.redhat.com/show_bug.cgi?id=832864
openSUSE-SU-2012:0829
https://hermes.opensuse.org/messages/15083566
Common Vulnerability Exposure (CVE) ID: CVE-2012-2113
49493
http://secunia.com/advisories/49493
54076
http://www.securityfocus.com/bid/54076
http://www.remotesensing.org/libtiff/v4.0.2.html
https://bugzilla.redhat.com/show_bug.cgi?id=810551
Common Vulnerability Exposure (CVE) ID: CVE-2012-3401
49938
http://secunia.com/advisories/49938
50007
http://secunia.com/advisories/50007
54601
http://www.securityfocus.com/bid/54601
84090
http://osvdb.org/84090
MDVSA-2012:127
http://www.mandriva.com/security/advisories?name=MDVSA-2012:127
RHSA-2012:1590
http://rhn.redhat.com/errata/RHSA-2012-1590.html
USN-1511-1
http://www.ubuntu.com/usn/USN-1511-1
[oss-security] 20120719 Re: tiff2pdf: Heap-based buffer overflow due to improper initialization of T2P context struct pointer
http://www.openwall.com/lists/oss-security/2012/07/19/4
[oss-security] 20120719 tiff2pdf: Heap-based buffer overflow due to improper initialization of T2P context struct pointer
http://www.openwall.com/lists/oss-security/2012/07/19/1
http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830
http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
https://bugzilla.redhat.com/attachment.cgi?id=596457
https://bugzilla.redhat.com/show_bug.cgi?id=837577
libtiff-t2preadtiffinit-bo(77088)
https://exchange.xforce.ibmcloud.com/vulnerabilities/77088
openSUSE-SU-2012:0955
http://lists.opensuse.org/opensuse-updates/2012-08/msg00011.html
CopyrightCopyright (C) 2012 E-Soft Inc.

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.