CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-3296

Multiple integer overflows in tiffread.c in CamlImages 2.2 might allow remote attackers to execute arbitrary code via TIFF images containing large width and height values that trigger heap-based buffer overflows.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.037

EPSS Ranking 87.4%

CVSS Severity

CVSS v2 Score 7.5

References

http://secunia.com/advisories/37067
http://security.debian.org/pool/updates/main/c/camlimages/camlimages_2.2.0-4+lenny3.diff.gz
http://security.debian.org/pool/updates/main/c/camlimages/camlimages_2.20-8+etch3.diff.gz
http://www.debian.org/security/2009/dsa-1912
http://www.securityfocus.com/bid/36713
http://secunia.com/advisories/37067
http://security.debian.org/pool/updates/main/c/camlimages/camlimages_2.2.0-4+lenny3.diff.gz
http://security.debian.org/pool/updates/main/c/camlimages/camlimages_2.20-8+etch3.diff.gz
http://www.debian.org/security/2009/dsa-1912
http://www.securityfocus.com/bid/36713

Products affected by CVE-2009-3296

Gallium.inria » Camimages » Version: 2.2

cpe:2.3:a:gallium.inria:camimages:2.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-3296

Products

Pricing

Contact Us