CVE-2010-2598

Published: Jul 2, 2010Modified: Apr 29, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

LibTIFF in Red Hat Enterprise Linux (RHEL) 3 on x86_64 platforms, as used in tiff2rgba, attempts to process image data even when the required compression functionality is not configured, which allows remote attackers to cause a denial of service via a crafted TIFF image, related to "downsampled OJPEG input."

Affected (7)

Products: Redhat: Enterprise Linux

1 product

Enterprise Linux

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux	Version 3.0
Redhat Enterprise Linux	Version 3
Redhat Enterprise Linux	Version 3 ga
Redhat Enterprise Linux	Version 3 ga
Redhat Enterprise Linux	Version 3 ga
Redhat Enterprise Linux	Version 3 ga
Redhat Enterprise Linux	Version 3 ga

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (8)

http://secunia.com/advisories/40536

Source: cve@mitre.org

Permissions RequiredThird Party Advisory

http://www.redhat.com/support/errata/RHSA-2010-0520.html

Source: cve@mitre.org

Not Applicable

http://www.vupen.com/english/advisories/2010/1761

Source: cve@mitre.org

Broken Link

https://bugzilla.redhat.com/show_bug.cgi?id=583081

Source: cve@mitre.org

Exploit

http://secunia.com/advisories/40536

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions RequiredThird Party Advisory

http://www.redhat.com/support/errata/RHSA-2010-0520.html

Source: af854a3a-2127-422b-91ae-364da2661108

Not Applicable

http://www.vupen.com/english/advisories/2010/1761

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

https://bugzilla.redhat.com/show_bug.cgi?id=583081

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

Timeline

No history available yet.