• 공개일 : 2009-07-01
• 변경일 : 2010-08-24

• 위험도: 4.3
• 액세스 벡터 : NETWORK
• 액세스 복잡성 : 보통
• 인증 : 없음
• 기밀성 영향 : 부분
• 무결성 영향 : 없음
• 가용성 영향 : 없음
• 출처 : http://nvd.nist.gov
• 공개일 : 2009-07-01

Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327.

• FEDORA, FEDORA-2009-7763
• FEDORA, FEDORA-2009-7717
• FEDORA, FEDORA-2009-7417
• FEDORA, FEDORA-2009-7358
• FEDORA, FEDORA-2009-7335
• CONFIRM, https://bugs.launchpad.net/ubuntu/+source/tiff/+bug/380149
• VUPEN, ADV-2010-0173
• VUPEN, ADV-2009-3184
• VUPEN, ADV-2009-2727
• VUPEN, ADV-2009-1637
• UBUNTU, USN-797-1
• REDHAT, RHSA-2009:1159
• MLIST, [oss-security] 20090629 CVE Request -- libtiff [was: Re: libtiff buffer..
• MLIST, [oss-security] 20090623 Re: libtiff buffer underflow in LZWDecodeCompat
• MLIST, [oss-security] 20090621 libtiff buffer underflow in LZWDecodeCompat
• MISC, http://www.lan.st/showthread.php?t=1856&page=3
• DEBIAN, DSA-1835
• CONFIRM, http://support.apple.com/kb/HT4105
• CONFIRM, http://support.apple.com/kb/HT4070
• CONFIRM, http://support.apple.com/kb/HT4013
• CONFIRM, http://support.apple.com/kb/HT4004
• CONFIRM, http://support.apple.com/kb/HT3937
• SUNALERT, 267808
• GENTOO, GLSA-200908-03
• SECUNIA, 39135
• SECUNIA, 38241
• SECUNIA, 36831
• SECUNIA, 36194
• SECUNIA, 35912
• SECUNIA, 35883
• SECUNIA, 35866
• SECUNIA, 35716
• SECUNIA, 35695
• APPLE, APPLE-SA-2010-03-11-1
• APPLE, APPLE-SA-2010-01-19-1
• APPLE, APPLE-SA-2010-02-02-1
• APPLE, APPLE-SA-2010-03-30-2
• APPLE, APPLE-SA-2009-11-09-1
• CONFIRM, http://bugzilla.maptools.org/show_bug.cgi?id=2065

• libtiff libtiff 3.8.2