Unrated severityNVD Advisory· Published Jun 17, 2010· Updated Jun 16, 2026
CVE-2010-1411
CVE-2010-1411
Description
Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3, as used in ImageIO in Apple Mac OS X 10.5.8 and Mac OS X 10.6 before 10.6.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file that triggers a heap-based buffer overflow.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
12cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*
- (no CPE)range: 10.5.8, <10.6.4
cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
32- support.apple.com/kb/HT4188nvdPatchVendor Advisory
- lists.apple.com/archives/security-announce/2010//Jun/msg00001.htmlnvdVendor Advisory
- secunia.com/advisories/40220nvdVendor Advisory
- www.vupen.com/english/advisories/2010/1481nvdVendor Advisory
- lists.apple.com/archives/security-announce/2010//Jun/msg00002.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2010-July/043769.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2010-July/043835.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.htmlnvd
- marc.infonvd
- secunia.com/advisories/40181nvd
- secunia.com/advisories/40196nvd
- secunia.com/advisories/40381nvd
- secunia.com/advisories/40478nvd
- secunia.com/advisories/40527nvd
- secunia.com/advisories/40536nvd
- secunia.com/advisories/50726nvd
- security.gentoo.org/glsa/glsa-201209-02.xmlnvd
- securitytracker.com/idnvd
- slackware.com/security/viewer.phpnvd
- support.apple.com/kb/HT4196nvd
- support.apple.com/kb/HT4220nvd
- www.redhat.com/support/errata/RHSA-2010-0519.htmlnvd
- www.redhat.com/support/errata/RHSA-2010-0520.htmlnvd
- www.remotesensing.org/libtiff/v3.9.3.htmlnvd
- www.securityfocus.com/bid/40823nvd
- www.ubuntu.com/usn/USN-954-1nvd
- www.vupen.com/english/advisories/2010/1435nvd
- www.vupen.com/english/advisories/2010/1512nvd
- www.vupen.com/english/advisories/2010/1638nvd
- www.vupen.com/english/advisories/2010/1731nvd
- www.vupen.com/english/advisories/2010/1761nvd
- bugzilla.redhat.com/show_bug.cginvd
News mentions
0No linked articles in our index yet.