Unrated severityNVD Advisory· Published Jun 24, 2010· Updated Apr 29, 2026
CVE-2010-2067
CVE-2010-2067
Description
Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long EXIF SubjectDistance field in a TIFF file.
Affected products
6cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*+ 4 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
14- bugzilla.maptools.org/show_bug.cginvdIssue TrackingThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.htmlnvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- secunia.com/advisories/40241nvdThird Party Advisory
- secunia.com/advisories/40381nvdThird Party Advisory
- secunia.com/advisories/50726nvdThird Party Advisory
- security.gentoo.org/glsa/glsa-201209-02.xmlnvdThird Party Advisory
- slackware.com/security/viewer.phpnvdThird Party Advisory
- www.ubuntu.com/usn/USN-954-1nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/1638nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- labs.idefense.com/intelligence/vulnerabilities/display.phpnvdBroken Link
- osvdb.org/65676nvdBroken Link
- www.remotesensing.org/libtiff/v3.9.4.htmlnvdBroken Link
News mentions
0No linked articles in our index yet.