Vulnerability Details CVE-2010-2598
LibTIFF in Red Hat Enterprise Linux (RHEL) 3 on x86_64 platforms, as used in tiff2rgba, attempts to process image data even when the required compression functionality is not configured, which allows remote attackers to cause a denial of service via a crafted TIFF image, related to "downsampled OJPEG input."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.0%
CVSS Severity
CVSS v2 Score 4.3
References
- http://secunia.com/advisories/40536
- http://www.redhat.com/support/errata/RHSA-2010-0520.html
- http://www.vupen.com/english/advisories/2010/1761
- https://bugzilla.redhat.com/show_bug.cgi?id=583081
- http://secunia.com/advisories/40536
- http://www.redhat.com/support/errata/RHSA-2010-0520.html
- http://www.vupen.com/english/advisories/2010/1761
- https://bugzilla.redhat.com/show_bug.cgi?id=583081
Products affected by CVE-2010-2598
-
cpe:2.3:o:redhat:enterprise_linux:3
-
cpe:2.3:o:redhat:enterprise_linux:3.0