Vulnerability Database

290,300

Total vulnerabilities in the database

CVE-2010-1411

Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3, as used in ImageIO in Apple Mac OS X 10.5.8 and Mac OS X 10.6 before 10.6.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file that triggers a heap-based buffer overflow.

  • Published: Jun 17, 2010
  • Updated: Apr 13, 2023
  • CVE: CVE-2010-1411
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

Software From Fixed in
apple / mac_os_x 10.5.8 10.5.8.x
apple / mac_os_x_server 10.5.8 10.5.8.x
apple / mac_os_x_server 10.6.3 10.6.3.x
apple / mac_os_x 10.6.3 10.6.3.x
apple / mac_os_x_server 10.6.1 10.6.1.x
apple / mac_os_x_server 10.6.2 10.6.2.x
apple / mac_os_x 10.6.1 10.6.1.x
apple / mac_os_x_server 10.6.0 10.6.0.x
apple / mac_os_x 10.6.0 10.6.0.x
apple / mac_os_x 10.6.2 10.6.2.x