Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2012-3401

Disclosure Date: August 13, 2012
CVE-2012-3401
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • libtiff

Products

  • libtiff,
  • libtiff 3.4,
  • libtiff 3.5.1,
  • libtiff 3.5.2,
  • libtiff 3.5.3,
  • libtiff 3.5.4,
  • libtiff 3.5.5,
  • libtiff 3.5.6,
  • libtiff 3.5.7,
  • libtiff 3.6.0,
  • libtiff 3.6.1,
  • libtiff 3.7.0,
  • libtiff 3.7.1,
  • libtiff 3.7.2,
  • libtiff 3.7.3,
  • libtiff 3.7.4,
  • libtiff 3.8.0,
  • libtiff 3.8.1,
  • libtiff 3.8.2,
  • libtiff 3.9,
  • libtiff 3.9.0,
  • libtiff 3.9.1,
  • libtiff 3.9.2,
  • libtiff 3.9.2-5.2.1,
  • libtiff 3.9.3,
  • libtiff 3.9.4,
  • libtiff 4.0,
  • libtiff 4.0.1

References

Canonical
CVE-2012-3401 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3401)
BID-54601 (http://www.securityfocus.com/bid/54601)
Advisory
http://lists.opensuse.org/opensuse-updates/2012-08/msg00011.html
[oss-security] 20120719 tiff2pdf: Heap-based buffer overflow due to improper initialization of T2P context struct pointer (http://www.openwall.com/lists/oss-security/2012/07/19/1)
http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830
[oss-security] 20120719 Re: tiff2pdf: Heap-based buffer overflow due to improper initialization of T2P context struct pointer (http://www.openwall.com/lists/oss-security/2012/07/19/4)
DSA-2552 (http://www.debian.org/security/2012/dsa-2552)
SECUNIA-49938 (http://secunia.com/advisories/49938)
SECUNIA-50007 (http://secunia.com/advisories/50007)
USN-1511-1 (http://www.ubuntu.com/usn/USN-1511-1)
GLSA-201209-02 (http://security.gentoo.org/glsa/glsa-201209-02.xml)
OSVDB-84090 (http://osvdb.org/84090)
XF-libtiff-t2preadtiffinit-bo(77088) (https://exchange.xforce.ibmcloud.com/vulnerabilities/77088)
http://www.mandriva.com/security/advisories?name=MDVSA-2012:127
http://rhn.redhat.com/errata/RHSA-2012-1590.html
http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
SECUNIA-50726 (http://secunia.com/advisories/50726)
Miscellaneous
https://bugzilla.redhat.com/show_bug.cgi?id=837577
https://bugzilla.redhat.com/attachment.cgi?id=596457
https://access.redhat.com/errata/RHSA-2012:1590
https://access.redhat.com/security/cve/CVE-2012-3401

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis