7.5 - USN-1498-1

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Summary
Title	tiff vulnerabilities

Informations
Name	USN-1498-1	First vendor Publication	2012-07-05
Vendor	Ubuntu	Last vendor Modification	2012-07-05
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score	7.5	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS - Ubuntu 11.10 - Ubuntu 11.04 - Ubuntu 10.04 LTS - Ubuntu 8.04 LTS

Summary:

The TIFF library could be made to crash or run programs as your login if it opened a specially crafted file.

Software Description: - tiff: Tag Image File Format (TIFF) library

Details:

It was discovered that the TIFF library incorrectly handled certain malformed TIFF images. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. (CVE-2012-2088)

It was discovered that the tiff2pdf utility incorrectly handled certain malformed TIFF images. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. (CVE-2012-2113)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.04 LTS:
libtiff-tools 3.9.5-2ubuntu1.1
libtiff4 3.9.5-2ubuntu1.1

Ubuntu 11.10:
libtiff-tools 3.9.5-1ubuntu1.2
libtiff4 3.9.5-1ubuntu1.2

Ubuntu 11.04:
libtiff-tools 3.9.4-5ubuntu6.2
libtiff4 3.9.4-5ubuntu6.2

Ubuntu 10.04 LTS:
libtiff-tools 3.9.2-2ubuntu0.9
libtiff4 3.9.2-2ubuntu0.9

Ubuntu 8.04 LTS:
libtiff-tools 3.8.2-7ubuntu3.12
libtiff4 3.8.2-7ubuntu3.12

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1498-1
CVE-2012-2088, CVE-2012-2113

Package Information:
https://launchpad.net/ubuntu/+source/tiff/3.9.5-2ubuntu1.1
https://launchpad.net/ubuntu/+source/tiff/3.9.5-1ubuntu1.2
https://launchpad.net/ubuntu/+source/tiff/3.9.4-5ubuntu6.2
https://launchpad.net/ubuntu/+source/tiff/3.9.2-2ubuntu0.9
https://launchpad.net/ubuntu/+source/tiff/3.8.2-7ubuntu3.12

Original Source

Url : http://www.ubuntu.com/usn/USN-1498-1

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-189	Numeric Errors (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:17902

Oval ID:	oval:org.mitre.oval:def:17902
Title:	USN-1498-1 -- tiff vulnerabilities
Description:	The TIFF library could be made to crash or run programs as your login if it opened a specially crafted file.
Family:	unix	Class:	patch
Reference(s):	USN-1498-1 CVE-2012-2088 CVE-2012-2113	Version:	7
Platform(s):	Ubuntu 12.04 Ubuntu 11.10 Ubuntu 11.04 Ubuntu 10.04 Ubuntu 8.04	Product(s):	tiff
Definition Synopsis:
Release section Ubuntu 12.04 is installed Packages match section libtiff-tools DPKG is earlier than 3.9.5-2ubuntu1.1 AND libtiff4 DPKG is earlier than 3.9.5-2ubuntu1.1 AND Release section Ubuntu 11.10 is installed Packages match section libtiff-tools DPKG is earlier than 3.9.5-1ubuntu1.2 AND libtiff4 DPKG is earlier than 3.9.5-1ubuntu1.2 AND Release section Ubuntu 11.04 is installed Packages match section libtiff-tools DPKG is earlier than 3.9.4-5ubuntu6.2 AND libtiff4 DPKG is earlier than 3.9.4-5ubuntu6.2 AND Release section Ubuntu 10.04 is installed Packages match section libtiff-tools DPKG is earlier than 3.9.2-2ubuntu0.9 AND libtiff4 DPKG is earlier than 3.9.2-2ubuntu0.9 AND Release section Ubuntu 8.04 is installed Packages match section libtiff-tools DPKG is earlier than 3.8.2-7ubuntu3.12 AND libtiff4 DPKG is earlier than 3.8.2-7ubuntu3.12

Definition Id: oval:org.mitre.oval:def:21527

Oval ID:	oval:org.mitre.oval:def:21527
Title:	RHSA-2012:1054: libtiff security update (Important)
Description:	Multiple integer overflows in tiff2pdf in libtiff before 4.0.2 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:1054-01 CESA-2012:1054 CVE-2012-2088 CVE-2012-2113	Version:	29
Platform(s):	Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6	Product(s):	libtiff
Definition Synopsis:
Operation system section Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND The operating system installed on the system is CentOS Linux 5.x Packages section libtiff is earlier than 0:3.8.2-15.el5_8 AND libtiff-devel is earlier than 0:3.8.2-15.el5_8 AND Operation system section Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section libtiff is earlier than 0:3.9.4-6.el6_3 AND libtiff-static is earlier than 0:3.9.4-6.el6_3 AND libtiff-devel is earlier than 0:3.9.4-6.el6_3

Definition Id: oval:org.mitre.oval:def:22815

Oval ID:	oval:org.mitre.oval:def:22815
Title:	DEPRECATED: ELSA-2012:1054: libtiff security update (Important)
Description:	Multiple integer overflows in tiff2pdf in libtiff before 4.0.2 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:1054-01 CVE-2012-2088 CVE-2012-2113	Version:	14
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	libtiff
Definition Synopsis:
rpm test Oracle Linux 5.x AND rpm test libtiff is earlier than 0:3.8.2-15.el5_8 AND libtiff-devel is earlier than 0:3.8.2-15.el5_8 OR rpm test Oracle Linux 6.x AND rpm test libtiff is earlier than 0:3.9.4-6.el6_3 AND libtiff-static is earlier than 0:3.9.4-6.el6_3 AND libtiff-devel is earlier than 0:3.9.4-6.el6_3

Definition Id: oval:org.mitre.oval:def:23926

Oval ID:	oval:org.mitre.oval:def:23926
Title:	ELSA-2012:1054: libtiff security update (Important)
Description:	Multiple integer overflows in tiff2pdf in libtiff before 4.0.2 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:1054-01 CVE-2012-2088 CVE-2012-2113	Version:	13
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	libtiff
Definition Synopsis:
rpm test Oracle Linux 5.x AND rpm test libtiff is earlier than 0:3.8.2-15.el5_8 AND libtiff-devel is earlier than 0:3.8.2-15.el5_8 OR rpm test Oracle Linux 6.x AND rpm test libtiff is earlier than 0:3.9.4-6.el6_3 AND libtiff-static is earlier than 0:3.9.4-6.el6_3 AND libtiff-devel is earlier than 0:3.9.4-6.el6_3

Definition Id: oval:org.mitre.oval:def:27857

Oval ID:	oval:org.mitre.oval:def:27857
Title:	DEPRECATED: ELSA-2012-1054 -- libtiff security update (important)
Description:	[3.9.4-6] - Add fixes for CVE-2012-2088, CVE-2012-2113 Resolves: #835748
Family:	unix	Class:	patch
Reference(s):	ELSA-2012-1054 CVE-2012-2088 CVE-2012-2113	Version:	4
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	libtiff
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x Packages match section libtiff is earlier than 0:3.8.2-15.el5_8 AND libtiff-devel is earlier than 0:3.8.2-15.el5_8 AND Oracle Linux 6 release section Oracle Linux 6.x Packages match section libtiff is earlier than 0:3.9.4-6.el6_3 AND libtiff-devel is earlier than 0:3.9.4-6.el6_3 AND libtiff-static is earlier than 0:3.9.4-6.el6_3

CPE : Common Platform Enumeration

Type	Description	Count
Application	Libtiff cpe:2.3:a:libtiff:libtiff:4.0.1:::::::* cpe:2.3:a:libtiff:libtiff:4.0.0:::::::* cpe:2.3:a:libtiff:libtiff:4.0:::::::* cpe:2.3:a:libtiff:libtiff:4.0:alpha:::::: cpe:2.3:a:libtiff:libtiff:4.0:beta3:::::: cpe:2.3:a:libtiff:libtiff:4.0:beta5:::::: cpe:2.3:a:libtiff:libtiff:4.0:beta1:::::: cpe:2.3:a:libtiff:libtiff:4.0:beta2:::::: cpe:2.3:a:libtiff:libtiff:4.0:beta4:::::: cpe:2.3:a:libtiff:libtiff:4.0:beta6:::::: cpe:2.3:a:libtiff:libtiff:3.9.5:::::::* cpe:2.3:a:libtiff:libtiff:3.9.4:::::::* cpe:2.3:a:libtiff:libtiff:3.9.3:::::::* cpe:2.3:a:libtiff:libtiff:3.9.2-5.2.1:::::::* cpe:2.3:a:libtiff:libtiff:3.9.2:::::::* cpe:2.3:a:libtiff:libtiff:3.9.1:::::::* cpe:2.3:a:libtiff:libtiff:3.9.0:::::::* cpe:2.3:a:libtiff:libtiff:3.9.0:beta:::::: cpe:2.3:a:libtiff:libtiff:3.9:::::::* cpe:2.3:a:libtiff:libtiff:3.8.2:::::::* cpe:2.3:a:libtiff:libtiff:3.8.1:::::::* cpe:2.3:a:libtiff:libtiff:3.8.0:::::::* cpe:2.3:a:libtiff:libtiff:3.7.4:::::::* cpe:2.3:a:libtiff:libtiff:3.7.3:::::::* cpe:2.3:a:libtiff:libtiff:3.7.2:::::::* cpe:2.3:a:libtiff:libtiff:3.7.1:::::::* cpe:2.3:a:libtiff:libtiff:3.7.0:alpha:::::: cpe:2.3:a:libtiff:libtiff:3.7.0:beta:::::: cpe:2.3:a:libtiff:libtiff:3.7.0:::::::* cpe:2.3:a:libtiff:libtiff:3.7.0:beta2:::::: cpe:2.3:a:libtiff:libtiff:3.6.1:::::::* cpe:2.3:a:libtiff:libtiff:3.6.0:beta:::::: cpe:2.3:a:libtiff:libtiff:3.6.0:beta2:::::: cpe:2.3:a:libtiff:libtiff:3.6.0:::::::* cpe:2.3:a:libtiff:libtiff:3.5.7:alpha4:::::: cpe:2.3:a:libtiff:libtiff:3.5.7:alpha3:::::: cpe:2.3:a:libtiff:libtiff:3.5.7:alpha2:::::: cpe:2.3:a:libtiff:libtiff:3.5.7:::::::* cpe:2.3:a:libtiff:libtiff:3.5.7:beta:::::: cpe:2.3:a:libtiff:libtiff:3.5.7:alpha:::::: cpe:2.3:a:libtiff:libtiff:3.5.6:beta:::::: cpe:2.3:a:libtiff:libtiff:3.5.6:::::::* cpe:2.3:a:libtiff:libtiff:3.5.5:::::::* cpe:2.3:a:libtiff:libtiff:3.5.4:::::::* cpe:2.3:a:libtiff:libtiff:3.5.3:::::::* cpe:2.3:a:libtiff:libtiff:3.5.2:::::::* cpe:2.3:a:libtiff:libtiff:3.5.1:::::::* cpe:2.3:a:libtiff:libtiff:3.4:beta24:::::: cpe:2.3:a:libtiff:libtiff:3.4:beta37:::::: cpe:2.3:a:libtiff:libtiff:3.4:::::::* cpe:2.3:a:libtiff:libtiff:3.4:beta36:::::: cpe:2.3:a:libtiff:libtiff:3.4:beta29:::::: cpe:2.3:a:libtiff:libtiff:3.4:beta34:::::: cpe:2.3:a:libtiff:libtiff:3.4:beta18:::::: cpe:2.3:a:libtiff:libtiff:3.4:beta28:::::: cpe:2.3:a:libtiff:libtiff:3.4:beta31:::::: cpe:2.3:a:libtiff:libtiff:3.4:beta35:::::: cpe:2.3:a:libtiff:libtiff:3.4:beta32:::::: cpe:2.3:a:libtiff:libtiff:::::::: cpe:2.3:a:libtiff:libtiff:-:::::::*	60

OpenVAS Exploits

Date	Description
2012-12-31	Name : Fedora Update for libtiff FEDORA-2012-20404 File : nvt/gb_fedora_2012_20404_libtiff_fc16.nasl
2012-12-31	Name : Fedora Update for libtiff FEDORA-2012-20446 File : nvt/gb_fedora_2012_20446_libtiff_fc17.nasl
2012-10-03	Name : Debian Security Advisory DSA 2552-1 (tiff) File : nvt/deb_2552_1.nasl
2012-09-26	Name : Gentoo Security Advisory GLSA 201209-02 (tiff) File : nvt/glsa_201209_02.nasl
2012-08-30	Name : Fedora Update for libtiff FEDORA-2012-10081 File : nvt/gb_fedora_2012_10081_libtiff_fc17.nasl
2012-08-30	Name : Fedora Update for libtiff FEDORA-2012-11000 File : nvt/gb_fedora_2012_11000_libtiff_fc17.nasl
2012-08-14	Name : Fedora Update for libtiff FEDORA-2012-10978 File : nvt/gb_fedora_2012_10978_libtiff_fc16.nasl
2012-07-30	Name : CentOS Update for libtiff CESA-2012:1054 centos5 File : nvt/gb_CESA-2012_1054_libtiff_centos5.nasl
2012-07-30	Name : CentOS Update for libtiff CESA-2012:1054 centos6 File : nvt/gb_CESA-2012_1054_libtiff_centos6.nasl
2012-07-16	Name : Fedora Update for libtiff FEDORA-2012-10089 File : nvt/gb_fedora_2012_10089_libtiff_fc16.nasl
2012-07-06	Name : RedHat Update for libtiff RHSA-2012:1054-01 File : nvt/gb_RHSA-2012_1054-01_libtiff.nasl
2012-07-06	Name : Mandriva Update for libtiff MDVSA-2012:101 (libtiff) File : nvt/gb_mandriva_MDVSA_2012_101.nasl
2012-07-06	Name : Ubuntu Update for tiff USN-1498-1 File : nvt/gb_ubuntu_USN_1498_1.nasl

Information Assurance Vulnerability Management (IAVM)

Date	Description
2014-03-13	IAVM : 2014-B-0024 - Multiple Security Vulnerabilities in Apple iOS Severity : Category I - VMSKEY : V0046157
2013-02-21	IAVM : 2013-A-0048 - Multiple Remote Code Execution Vulnerabilities in BlackBerry Enterprise Server Severity : Category I - VMSKEY : V0036903

Nessus® Vulnerability Scanner

Date	Description
2015-06-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120703_libtiff_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2015-01-19	Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_libtiff_20120821.nasl - Type : ACT_GATHER_INFO
2015-01-12	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15863.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-361.nasl - Type : ACT_GATHER_INFO
2014-03-12	Name : The remote device is affected by multiple vulnerabilities. File : appletv_6_1.nasl - Type : ACT_GATHER_INFO
2013-10-20	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2013-290-01.nasl - Type : ACT_GATHER_INFO
2013-09-04	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-106.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1054.nasl - Type : ACT_GATHER_INFO
2013-04-20	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-046.nasl - Type : ACT_GATHER_INFO
2013-03-21	Name : The remote Windows host has an application that is affected by multiple vulne... File : blackberry_es_tiff_kb33425.nasl - Type : ACT_GATHER_INFO
2013-03-15	Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_10_8_3.nasl - Type : ACT_GATHER_INFO
2013-03-15	Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_SecUpd2013-001.nasl - Type : ACT_GATHER_INFO
2013-01-25	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libtiff-devel-120622.nasl - Type : ACT_GATHER_INFO
2012-09-27	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2552.nasl - Type : ACT_GATHER_INFO
2012-09-24	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201209-02.nasl - Type : ACT_GATHER_INFO
2012-07-20	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_libtiff-8199.nasl - Type : ACT_GATHER_INFO
2012-07-16	Name : The remote Fedora host is missing a security update. File : fedora_2012-10089.nasl - Type : ACT_GATHER_INFO
2012-07-16	Name : The remote Fedora host is missing a security update. File : fedora_2012-10081.nasl - Type : ACT_GATHER_INFO
2012-07-06	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1498-1.nasl - Type : ACT_GATHER_INFO
2012-07-05	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-101.nasl - Type : ACT_GATHER_INFO
2012-07-05	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1054.nasl - Type : ACT_GATHER_INFO
2012-07-05	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1054.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-02-17 12:00:23	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	2
Oval ID(s)	5
CPE ID(s)	60
Openvas Exploit(s)	13
IAVM(s)	2
Nessus® Exploit(s)	22

	Related
7.5	CVE-2012-2088
6.8	CVE-2012-2113
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 2 more Alert(s)