CVE-2005-2452
CVSS5.0
发布时间 :2005-08-03 00:00:00
修订时间 :2008-09-05 16:51:47
NMCOS    

[原文]libtiff up to 3.7.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image header with a zero "YCbCr subsampling" value, which causes a divide-by-zero error in (1) tif_strip.c and (2) tif_tile.c, a different vulnerability than CVE-2004-0804.


[CNNVD]LibTiff Tiff图像标头除零拒绝服务漏洞 (CNNVD-200508-025)

        libtiff 3.7.0及其早前版本允许远程攻击者借助于其值为零"YCbCr subsampling" 的TIFF图像标头造成拒绝服务(应用程序崩溃), 这使得在(1) tif_strip.c 和(2) tif_tile.c产生除零错误。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:libtiff:libtiff:3.5.5LibTIFF 3.5.5
cpe:/a:libtiff:libtiff:3.6.1LibTIFF 3.6.1
cpe:/a:libtiff:libtiff:3.5.7LibTIFF 3.5.7

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2452
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2452
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200508-025
(官方数据源) CNNVD

- 其它链接及资源

http://www.ubuntulinux.org/support/documentation/usn/usn-156-1
(PATCH)  UBUNTU  USN-156-1
https://bugzilla.ubuntu.com/show_bug.cgi?id=12008
(UNKNOWN)  MISC  https://bugzilla.ubuntu.com/show_bug.cgi?id=12008
http://www.securityfocus.com/bid/14417
(UNKNOWN)  BID  14417
http://www.mandriva.com/security/advisories?name=MDKSA-2005:144
(UNKNOWN)  MANDRAKE  MDKSA-2005:144
http://www.mandriva.com/security/advisories?name=MDKSA-2005:143
(UNKNOWN)  MANDRAKE  MDKSA-2005:143
http://www.mandriva.com/security/advisories?name=MDKSA-2005:142
(UNKNOWN)  MANDRAKE  MDKSA-2005:142
http://secunia.com/advisories/16486
(VENDOR_ADVISORY)  SECUNIA  16486
http://secunia.com/advisories/16266
(VENDOR_ADVISORY)  SECUNIA  16266

- 漏洞信息

LibTiff Tiff图像标头除零拒绝服务漏洞
中危 边界条件错误
2005-08-03 00:00:00 2006-11-30 00:00:00
远程  
        libtiff 3.7.0及其早前版本允许远程攻击者借助于其值为零"YCbCr subsampling" 的TIFF图像标头造成拒绝服务(应用程序崩溃), 这使得在(1) tif_strip.c 和(2) tif_tile.c产生除零错误。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
        KDE KDE 3.2
        Mandriva kdegraphics-3.2-15.8.C30mdk.i586.rpm
        Corporate 3.0
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-3.2-15.8.C30mdk.x86_64.rpm
        Corporate 3.0/X86_64
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-common-3.2-15.8.C30mdk.i586.rpm
        Corporate 3.0
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-common-3.2-15.8.C30mdk.x86_64.rpm
        Corporate 3.0/X86_64
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-kdvi-3.2-15.8.C30mdk.i586.rpm
        Corporate 3.0
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-kdvi-3.2-15.8.C30mdk.x86_64.rpm
        Corporate 3.0/X86_64
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-kfax-3.2-15.8.C30mdk.i586.rpm
        Corporate 3.0
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-kfax-3.2-15.8.C30mdk.x86_64.rpm
        Corporate 3.0/X86_64
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-kghostview-3.2-15.8.C30mdk.i586.rpm
        Corporate 3.0
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-kghostview-3.2-15.8.C30mdk.x86_64.rpm
        Corporate 3.0/X86_64
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-kiconedit-3.2-15.8.C30mdk.i586.rpm
        Corporate 3.0
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-kiconedit-3.2-15.8.C30mdk.x86_64.rpm
        Corporate 3.0/X86_64
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-kooka-3.2-15.8.C30mdk.i586.rpm
        Corporate 3.0
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-kooka-3.2-15.8.C30mdk.x86_64.rpm
        Corporate 3.0/X86_64
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-kpaint-3.2-15.8.C30mdk.i586.rpm
        Corporate 3.0
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-kpaint-3.2-15.8.C30mdk.x86_64.rpm
        Corporate 3.0/X86_64
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-kpdf-3.2-15.8.C30mdk.i586.rpm
        Corporate 3.0
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-kpdf-3.2-15.8.C30mdk.x86_64.rpm
        Corporate 3.0/X86_64
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-kpovmodeler-3.2-15.8.C30mdk.i586.rpm
        Corporate 3.0
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-kpovmodeler-3.2-15.8.C30mdk.x86_64.rpm
        Corporate 3.0/X86_64
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-kruler-3.2-15.8.C30mdk.i586.rpm
        Corporate 3.0
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-kruler-3.2-15.8.C30mdk.x86_64.rpm
        Corporate 3.0/X86_64
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-ksnapshot-3.2-15.8.C30mdk.i586.rpm
        Corporate 3.0
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-ksnapshot-3.2-15.8.C30mdk.x86_64.rpm
        Corporate 3.0/X86_64
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-ksvg-3.2-15.8.C30mdk.i586.rpm
        Corporate 3.0
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-ksvg-3.2-15.8.C30mdk.x86_64.rpm
        Corporate 3.0/X86_64
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-kuickshow-3.2-15.8.C30mdk.i586.rpm
        Corporate 3.0
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-kuickshow-3.2-15.8.C30mdk.x86_64.rpm
        Corporate 3.0/X86_64
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-kview-3.2-15.8.C30mdk.i586.rpm
        Corporate 3.0
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-kview-3.2-15.8.C30mdk.x86_64.rpm
        Corporate 3.0/X86_64
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-mrmlsearch-3.2-15.8.C30mdk.i586.rpm
        Corporate 3.0
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva kdegraphics-mrmlsearch-3.2-15.8.C30mdk.x86_64.rpm
        Corporate 3.0/X86_64
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva lib64kdegraphics0-common-3.2-15.8.C30mdk.x86_64.rpm
        Corporate 3.0/X86_64
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva lib64kdegraphics0-common-devel-3.2-15.8.C30mdk.x86_64.rpm
        Corporate 3.0/X86_64
        http://www1.mandrivalinux.com/en/ftp.php3
        Mandriva lib64kdegraphics0-kooka-3.2-15.8.C30mdk.x86

- 漏洞信息

18856
LibTIFF TIFF Image YCbCr subsampling Zero Value DoS
Denial of Service
Loss of Availability

- 漏洞描述

Unknown or Incomplete

- 时间线

2005-06-10 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

LibTiff Tiff Image Header Divide By Zero Denial of Service Vulnerability
Boundary Condition Error 14417
Yes No
2005-07-29 12:00:00 2009-07-12 04:06:00
Vladimir Nadvornik is credited with the discovery of this vulnerability.

- 受影响的程序版本

wxPythonGTK wxPythonGTK 2.5.3 .1
wxPythonGTK wxPythonGTK 2.5.2 .7
wxPythonGTK wxPythonGTK 2.4.2 .4
Turbolinux Turbolinux Workstation 8.0
Turbolinux Turbolinux Workstation 7.0
Turbolinux Turbolinux Server 10.0
Turbolinux Turbolinux Server 8.0
Turbolinux Turbolinux Server 7.0
Turbolinux Turbolinux Desktop 10.0
Turbolinux Turbolinux 10 F...
TurboLinux Personal
TurboLinux Multimedia
Turbolinux Home
Turbolinux Appliance Server Workgroup Edition 1.0
Turbolinux Appliance Server Hosting Edition 1.0
Turbolinux Appliance Server 1.0 Workgroup Edition
Turbolinux Appliance Server 1.0 Hosting Edition
Novell Evolution 2.0.4
+ Conectiva Linux 10.0
+ Conectiva Linux 9.0
Novell Evolution 2.0.3
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
Novell Evolution 2.0.2
+ Conectiva Linux 10.0
+ Conectiva Linux 9.0
+ MandrakeSoft Corporate Server 3.0 x86_64
+ MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
+ Red Hat Enterprise Linux AS 4
+ RedHat Desktop 4.0
+ RedHat Enterprise Linux ES 4
+ RedHat Enterprise Linux WS 4
+ S.u.S.E. Linux 8.1
+ S.u.S.E. Linux 8.0 i386
+ S.u.S.E. Linux 8.0
+ S.u.S.E. Linux Personal 9.2
+ S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
+ S.u.S.E. Linux Personal 8.2
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Mandriva Linux Mandrake 10.2 x86_64
Mandriva Linux Mandrake 10.2
Mandriva Linux Mandrake 10.1 x86_64
Mandriva Linux Mandrake 10.1
Mandriva Linux Mandrake 10.0 AMD64
Mandriva Linux Mandrake 10.0
MandrakeSoft Multi Network Firewall 2.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 2.1 x86_64
MandrakeSoft Corporate Server 2.1
LibTIFF LibTIFF 3.6.1
+ Gentoo Linux 1.4
+ Gentoo Linux
+ OpenPKG OpenPKG Current
+ Turbolinux Turbolinux Server 10.0
+ Ubuntu Ubuntu Linux 5.0 4 powerpc
+ Ubuntu Ubuntu Linux 5.0 4 i386
+ Ubuntu Ubuntu Linux 5.0 4 amd64
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
LibTIFF LibTIFF 3.5.7
+ Red Hat Fedora Core2
+ Slackware Linux 9.1
+ Slackware Linux 9.0
+ Slackware Linux 8.1
+ Turbolinux Appliance Server Hosting Edition 1.0
+ Turbolinux Appliance Server Workgroup Edition 1.0
+ Turbolinux Turbolinux Desktop 10.0
+ Turbolinux Turbolinux Server 8.0
LibTIFF LibTIFF 3.5.5
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Workstation 8.0
+ Turbolinux Turbolinux Workstation 7.0
KDE KDE 3.3.2
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
+ Debian Linux 3.1
+ Debian Linux 3.1
KDE KDE 3.3.2
KDE KDE 3.3.1
+ Red Hat Fedora Core3
KDE KDE 3.3
KDE KDE 3.2.3
KDE KDE 3.2.2
+ KDE KDE 3.2.2
+ Red Hat Fedora Core2
KDE KDE 3.2.1
KDE KDE 3.2
Easy Software Products CUPS 1.1.23 rc1
+ Gentoo Linux
Easy Software Products CUPS 1.1.23
+ Gentoo Linux
Easy Software Products CUPS 1.1.22 rc1
Easy Software Products CUPS 1.1.22
Easy Software Products CUPS 1.1.21
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
Easy Software Products CUPS 1.1.20
+ ALT Linux ALT Linux Compact 2.3
+ ALT Linux ALT Linux Junior 2.3
+ Gentoo Linux 1.4 _rc3
+ Gentoo Linux 1.4 _rc2
+ Gentoo Linux 1.4 _rc1
+ MandrakeSoft apcupsd 2006.0
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
+ S.u.S.E. Linux Personal 9.1
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Easy Software Products CUPS 1.1.19 rc5
Easy Software Products CUPS 1.1.19
+ Mandriva Linux Mandrake 9.2 amd64
+ Mandriva Linux Mandrake 9.2
+ Turbolinux Appliance Server 1.0 Workgroup Edition
+ Turbolinux Appliance Server 1.0 Hosting Edition
+ Turbolinux Appliance Server Hosting Edition 1.0
+ Turbolinux Appliance Server Workgroup Edition 1.0
+ Turbolinux Home
+ Turbolinux Turbolinux Desktop 10.0
+ Turbolinux Turbolinux Server 8.0
+ Turbolinux Turbolinux Workstation 8.0
Easy Software Products CUPS 1.1.18
+ Conectiva Linux 9.0
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ MandrakeSoft Multi Network Firewall 2.0
+ Mandriva Linux Mandrake 9.0
+ S.u.S.E. Linux Personal 8.2
Easy Software Products CUPS 1.1.17
+ Red Hat Enterprise Linux AS 3
+ RedHat Desktop 3.0
+ RedHat Enterprise Linux ES 3
+ RedHat Enterprise Linux WS 3
Easy Software Products CUPS 1.1.16
+ Mandriva Linux Mandrake 9.0
Easy Software Products CUPS 1.1.15
+ Conectiva Linux Enterprise Edition 1.0
+ S.u.S.E. Linux 8.1
Easy Software Products CUPS 1.1.14
+ Conectiva Linux 8.0
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
Easy Software Products CUPS 1.1.13
Easy Software Products CUPS 1.1.12
+ S.u.S.E. Linux 8.0 i386
+ S.u.S.E. Linux 8.0
Easy Software Products CUPS 1.1.10
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Workstation 3.1.1
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ S.u.S.E. Linux 7.3 sparc
+ S.u.S.E. Linux 7.3 ppc
+ S.u.S.E. Linux 7.3 i386
Easy Software Products CUPS 1.1.7
Easy Software Products CUPS 1.1.6
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ S.u.S.E. Linux 7.2 i386
+ S.u.S.E. Linux 7.1 x86
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 alpha
Easy Software Products CUPS 1.1.4 -5
Easy Software Products CUPS 1.1.4 -3
+ Mandriva Linux Mandrake 7.2
Easy Software Products CUPS 1.1.4 -2
+ Debian Linux 2.3
Easy Software Products CUPS 1.1.4
+ Debian Linux 2.3
+ Mandriva Linux Mandrake 7.2
Easy Software Products CUPS 1.1.1
+ RedHat PowerTools 7.0
Easy Software Products CUPS 1.0.4 -8
+ Debian Linux 2.2
Easy Software Products CUPS 1.0.4
+ Debian Linux 2.2
Conectiva Linux 10.0
LibTIFF LibTIFF 3.7.2
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1

- 不受影响的程序版本

LibTIFF LibTIFF 3.7.2
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1

- 漏洞讨论

LibTIFF is affected by a vulnerability that may cause a denial of service in applications using the library. This issue is due to a failure in the library to sufficiently validate specific header values.

An attacker can exploit this vulnerability to cause a denial of service or a loss of data in applications using the affected library.

This issue is known to affect the CUPS printing system and the Evolution email client; other applications using the LibTIFF library may also be affected.

This issue may be related to BID 12874 - ImageMagick TIFF Image File Unspecified Denial Of Service Vulnerability.

- 漏洞利用

The discoverer of this vulnerability has supplied the following TIFF image suitable to demonstrate this vulnerability in Evolution:
http://www.blub.net/~wouter/FemBusiness28mei2005.tif

- 解决方案


Please see the referenced advisories for details on obtaining and applying the appropriate updates.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com


KDE KDE 3.2

KDE KDE 3.2.3

KDE KDE 3.3.2

LibTIFF LibTIFF 3.5.5

LibTIFF LibTIFF 3.5.7

LibTIFF LibTIFF 3.6.1

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站