Red Hat Bugzilla – Bug 608010
CVE-2010-2443 CVE-2010-2482 libtiff: OJPEGReadBufferFill NULL deref crash
Last modified: 2016-03-04 06:48:06 EST
Common Vulnerabilities and Exposures assigned an identifier CVE-2010-2443 to the following vulnerability:
Unspecified vulnerability in LibTIFF before 3.9.3 allows remote
attackers to cause a denial of service (application crash) via an
OJPEG image with undefined strip offsets.
This CVE refers to following entry in the upstream changelog:
OJPEG: Report an error and avoid a crash if the input file is so broken
that the strip offsets are not defined.
This problem is already tracked as bug #603024. We are not handling this as security flaw, this NULL pointer dereference flaw with impact limited to application crash.
Not vulnerable. This issue did not affect the versions of libtiff as shipped with Red Hat Enterprise Linux 3, 4, or 5.
CVE-2010-2482 was assigned to the related td_stripbytecount NULL deref issue. Comment #1 apply to that issue as well. Issue is not yet fixed upstream in 3.9.4.
These issues are addressed in libtiff-3.9.4-1 packages.