CVE-2010-2482

EPSS 18.8%

tiff - several

Published: 7/6/2010Modified: 4/28/2026

Description

LibTIFF 3.9.4 and earlier does not properly handle an invalid td_stripbytecount field, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted TIFF file, a different vulnerability than CVE-2010-2443.

Affected packages (2)

Debian/tifffrom 0, < 3.9.4-1
Debian/tifffrom 0, < 3.9.4-5+squeeze5

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-2482