Unrated severityNVD Advisory· Published Jul 2, 2010· Updated Apr 29, 2026

CVE-2010-2598

Description

LibTIFF in Red Hat Enterprise Linux (RHEL) 3 on x86_64 platforms, as used in tiff2rgba, attempts to process image data even when the required compression functionality is not configured, which allows remote attackers to cause a denial of service via a crafted TIFF image, related to "downsampled OJPEG input."

Affected products

Red Hat/Enterprise Linux7 versions
cpe:2.3:o:redhat:enterprise_linux:3:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:o:redhat:enterprise_linux:3:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:3.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:3:ga:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:3:ga:as:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:3:ga:desktop:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:3:ga:es:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:3:ga:ws:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bugzilla.redhat.com/show_bug.cginvdExploit
secunia.com/advisories/40536nvdPermissions RequiredThird Party Advisory
www.redhat.com/support/errata/RHSA-2010-0520.htmlnvdNot Applicable
www.vupen.com/english/advisories/2010/1761nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000