Heap-based buffer overflow in tiff (Alpine package)

1) Heap-based buffer overflow

EUVDB-ID: #VU32773

Risk: Medium

CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2012-3401

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which. A remote attacker can use a crafted TIFF image that triggers a heap-based buffer overflow. to trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

tiff (Alpine package): 3.9.6-r0

CPE2.3

• cpe:2.3:o:alpine:tiff_alpine_package:3.9.6-r0:*:*:*:*:alpine_linux:*:

External links

http://git.alpinelinux.org/aports/commit/?id=301bae2e27f652249d470c9150f1412f773a2cb8
http://git.alpinelinux.org/aports/commit/?id=cec5694c99fea1b7fa139a5059268a1e73be448a
http://git.alpinelinux.org/aports/commit/?id=79660117ab4cf62e035fb50d1cf9a3d6c6ce9b9a
http://git.alpinelinux.org/aports/commit/?id=87bc3681564395629e60dfff9915d4db4f5e88de
http://git.alpinelinux.org/aports/commit/?id=0a398c8e7af30d20d555a7b354958a7ae3ce3ece
http://git.alpinelinux.org/aports/commit/?id=4418ddad5793b4450725e317ad4231a0cb82215e

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.