NVD Vulnerability Detail

CVE-2011-0192

Summary	Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h. NOTE: some of these details are obtained from third party information.
Publication Date	March 4, 2011, 5 a.m.
Registration Date	Jan. 28, 2021, 4:37 p.m.
Last Update	Nov. 21, 2024, 10:23 a.m.

CVSS2.0 : HIGH
Score	9.3
Vector	AV:N/AC:M/Au:N/C:C/I:C/A:C
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	中
攻撃前の認証要否(Au)	不要
機密性への影響(C)	高
完全性への影響(I)	高
可用性への影響(A)	高
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	はい

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:apple:itunes::::::::			10.1.2
cpe:2.3:a:apple:itunes:4.0.0:::::::*
cpe:2.3:a:apple:itunes:4.0.1:::::::*
cpe:2.3:a:apple:itunes:4.1.0:::::::*
cpe:2.3:a:apple:itunes:4.2.0:::::::*
cpe:2.3:a:apple:itunes:4.5:::::::*
cpe:2.3:a:apple:itunes:4.5.0:::::::*
cpe:2.3:a:apple:itunes:4.6:::::::*
cpe:2.3:a:apple:itunes:4.6.0:::::::*
cpe:2.3:a:apple:itunes:4.7:::::::*
cpe:2.3:a:apple:itunes:4.7.0:::::::*
cpe:2.3:a:apple:itunes:4.7.1:::::::*
cpe:2.3:a:apple:itunes:4.7.2:::::::*
cpe:2.3:a:apple:itunes:4.8.0:::::::*
cpe:2.3:a:apple:itunes:4.9.0:::::::*
cpe:2.3:a:apple:itunes:5.0:::::::*
cpe:2.3:a:apple:itunes:5.0.0:::::::*
cpe:2.3:a:apple:itunes:5.0.1:::::::*
cpe:2.3:a:apple:itunes:6.0.0:::::::*
cpe:2.3:a:apple:itunes:6.0.1:::::::*
cpe:2.3:a:apple:itunes:6.0.2:::::::*
cpe:2.3:a:apple:itunes:6.0.3:::::::*
cpe:2.3:a:apple:itunes:6.0.4:::::::*
cpe:2.3:a:apple:itunes:6.0.4.2:::::::*
cpe:2.3:a:apple:itunes:6.0.5:::::::*
cpe:2.3:a:apple:itunes:7.0.0:::::::*
cpe:2.3:a:apple:itunes:7.0.1:::::::*
cpe:2.3:a:apple:itunes:7.0.2:::::::*
cpe:2.3:a:apple:itunes:7.1.0:::::::*
cpe:2.3:a:apple:itunes:7.1.1:::::::*
cpe:2.3:a:apple:itunes:7.2.0:::::::*
cpe:2.3:a:apple:itunes:7.3.0:::::::*
cpe:2.3:a:apple:itunes:7.3.1:::::::*
cpe:2.3:a:apple:itunes:7.3.2:::::::*
cpe:2.3:a:apple:itunes:7.4:::::::*
cpe:2.3:a:apple:itunes:7.4.0:::::::*
cpe:2.3:a:apple:itunes:7.4.1:::::::*
cpe:2.3:a:apple:itunes:7.4.2:::::::*
cpe:2.3:a:apple:itunes:7.4.3:::::::*
cpe:2.3:a:apple:itunes:7.5:::::::*
cpe:2.3:a:apple:itunes:7.5.0:::::::*
cpe:2.3:a:apple:itunes:7.6:::::::*
cpe:2.3:a:apple:itunes:7.6.0:::::::*
cpe:2.3:a:apple:itunes:7.6.1:::::::*
cpe:2.3:a:apple:itunes:7.6.2:::::::*
cpe:2.3:a:apple:itunes:7.7:::::::*
cpe:2.3:a:apple:itunes:7.7.0:::::::*
cpe:2.3:a:apple:itunes:7.7.1:::::::*
cpe:2.3:a:apple:itunes:8.0.0:::::::*
cpe:2.3:a:apple:itunes:8.0.1:::::::*
cpe:2.3:a:apple:itunes:8.0.2:::::::*
cpe:2.3:a:apple:itunes:8.1:::::::*
cpe:2.3:a:apple:itunes:8.1.1:::::::*
cpe:2.3:a:apple:itunes:8.2:::::::*
cpe:2.3:a:apple:itunes:8.2.1:::::::*
cpe:2.3:a:apple:itunes:9.0.0:::::::*
cpe:2.3:a:apple:itunes:9.0.1:::::::*
cpe:2.3:a:apple:itunes:9.0.2:::::::*
cpe:2.3:a:apple:itunes:9.0.3:::::::*
cpe:2.3:a:apple:itunes:9.2:::::::*
cpe:2.3:a:apple:itunes:9.2.1:::::::*
cpe:2.3:a:apple:itunes:10.0:::::::*
cpe:2.3:a:apple:itunes:10.0.1:::::::*
cpe:2.3:a:apple:itunes:10.1:::::::*
cpe:2.3:a:apple:itunes:10.1.1:::::::*
execution environment
1	cpe:2.3:o:microsoft:windows::::::::
2	cpe:2.3:o:microsoft:windows_7::::::::
3	cpe:2.3:o:microsoft:windows_vista::sp1::::::*
4	cpe:2.3:o:microsoft:windows_vista::sp2::::::*
5	cpe:2.3:o:microsoft:windows_vista::::::::
6	cpe:2.3:o:microsoft:windows_xp::sp2::::::*
7	cpe:2.3:o:microsoft:windows_xp::sp3::::::*

Related information, measures and tools

No	URL	タグ
1	http://blackberry.com/btsc/KB27244
2	http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html
3	http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html
4	http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html
5	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
6	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html
7	http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html	Patch Vendor Advisory
8	http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
9	http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html
10	http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html
11	http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html
12	http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html
13	http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
14	http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
15	http://secunia.com/advisories/43585
16	http://secunia.com/advisories/43593
17	http://secunia.com/advisories/43664
18	http://secunia.com/advisories/43934
19	http://secunia.com/advisories/44117
20	http://secunia.com/advisories/44135
21	http://secunia.com/advisories/50726
22	http://security.gentoo.org/glsa/glsa-201209-02.xml
23	http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820
24	http://support.apple.com/kb/HT4554	Vendor Advisory
25	http://support.apple.com/kb/HT4564
26	http://support.apple.com/kb/HT4565
27	http://support.apple.com/kb/HT4566
28	http://support.apple.com/kb/HT4581
29	http://support.apple.com/kb/HT4999
30	http://support.apple.com/kb/HT5001
31	http://www.debian.org/security/2011/dsa-2210
32	http://www.mandriva.com/security/advisories?name=MDVSA-2011:043
33	http://www.redhat.com/support/errata/RHSA-2011-0318.html
34	http://www.securityfocus.com/bid/46658
35	http://www.securitytracker.com/id?1025153
36	http://www.vupen.com/english/advisories/2011/0551
37	http://www.vupen.com/english/advisories/2011/0599
38	http://www.vupen.com/english/advisories/2011/0621
39	http://www.vupen.com/english/advisories/2011/0845
40	http://www.vupen.com/english/advisories/2011/0905
41	http://www.vupen.com/english/advisories/2011/0930
42	http://www.vupen.com/english/advisories/2011/0960
43	https://bugzilla.redhat.com/show_bug.cgi?id=678635
44	http://blackberry.com/btsc/KB27244
45	https://bugzilla.redhat.com/show_bug.cgi?id=678635
46	http://www.vupen.com/english/advisories/2011/0960
47	http://www.vupen.com/english/advisories/2011/0930
48	http://www.vupen.com/english/advisories/2011/0905
49	http://www.vupen.com/english/advisories/2011/0845
50	http://www.vupen.com/english/advisories/2011/0621
51	http://www.vupen.com/english/advisories/2011/0599
52	http://www.vupen.com/english/advisories/2011/0551
53	http://www.securitytracker.com/id?1025153
54	http://www.securityfocus.com/bid/46658
55	http://www.redhat.com/support/errata/RHSA-2011-0318.html
56	http://www.mandriva.com/security/advisories?name=MDVSA-2011:043
57	http://www.debian.org/security/2011/dsa-2210
58	http://support.apple.com/kb/HT5001
59	http://support.apple.com/kb/HT4999
60	http://support.apple.com/kb/HT4581
61	http://support.apple.com/kb/HT4566
62	http://support.apple.com/kb/HT4565
63	http://support.apple.com/kb/HT4564
64	http://support.apple.com/kb/HT4554	Vendor Advisory
65	http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820
66	http://security.gentoo.org/glsa/glsa-201209-02.xml
67	http://secunia.com/advisories/50726
68	http://secunia.com/advisories/44135
69	http://secunia.com/advisories/44117
70	http://secunia.com/advisories/43934
71	http://secunia.com/advisories/43664
72	http://secunia.com/advisories/43593
73	http://secunia.com/advisories/43585
74	http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
75	http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
76	http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html
77	http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html
78	http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html
79	http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html
80	http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
81	http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html	Patch Vendor Advisory
82	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html
83	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
84	http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html
85	http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html
86	http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-119	バッファエラー	https://cwe.mitre.org/data/definitions/118.html

JVN Vulnerability Information

複数の Apple 製品の LIBTIFF におけるバッファオーバーフローの脆弱性

Title	複数の Apple 製品の LIBTIFF におけるバッファオーバーフローの脆弱性
Summary	複数の Apple 製品の LIBTIFF には、libtiff/tif_fax3.h. の EXPAND2D マクロに関する処理に不備があるため、バッファオーバーフローの脆弱性が存在します。
Possible impacts	攻撃者により、巧妙に細工された TIFF インタネットファックスイメージファイルを介して、任意のコードを実行される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	March 3, 2011, midnight
Registration Date	April 5, 2011, 2:49 p.m.
Last Update	April 17, 2012, 5:32 p.m.

Affected System

レッドハット

Red Hat Enterprise Linux 4 (as)

Red Hat Enterprise Linux 4 (es)

Red Hat Enterprise Linux 4 (ws)

Red Hat Enterprise Linux 4.8 (as)

Red Hat Enterprise Linux 4.8 (es)

Red Hat Enterprise Linux 5 (server)

Red Hat Enterprise Linux Desktop 4.0

Red Hat Enterprise Linux Desktop 5.0 (client)

Red Hat Enterprise Linux Desktop 6

Red Hat Enterprise Linux HPC Node 6

Red Hat Enterprise Linux Server 6

Red Hat Enterprise Linux Workstation 6

RHEL Desktop Workstation 5 (client)

アップル

Apple Mac OS X v10.5.8

Apple Mac OS X v10.6.5 以降

Apple Mac OS X Server v10.5.8

Apple Mac OS X Server v10.6.5 以降

Apple TV 4.0

Apple TV 4.1

iOS 3.0 から 4.2.1 (iPhone 3GS 以降の場合)

iOS 3.1 から 4.2.1 (iPod touch (3rd generation)以降の場合)

iOS 3.2 から 4.2.1 (iPad 用)

iPad

iPhone

iPod touch

iTunes 10

Safari 5

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2011-0192	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0192
National Vulnerability Database (NVD)
2	CVE-2011-0192	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0192

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-119	https://jvndb.jvn.jp/ja/cwe/CWE-119.html

ベンダー情報

No	Name	URL
Apple Security Updates
1	HT4554	http://support.apple.com/kb/HT4554
2	HT4564	http://support.apple.com/kb/HT4564
3	HT4565	http://support.apple.com/kb/HT4565
4	HT4566	http://support.apple.com/kb/HT4566
5	HT4581	http://support.apple.com/kb/HT4581
Apple セキュリティアップデート
6	HT4554	http://support.apple.com/kb/HT4554?viewlocale=ja_JP
7	HT4564	http://support.apple.com/kb/HT4564?viewlocale=ja_JP
8	HT4565	http://support.apple.com/kb/HT4565?viewlocale=ja_JP
9	HT4566	http://support.apple.com/kb/HT4566?viewlocale=ja_JP
10	HT4581	http://support.apple.com/kb/HT4581?viewlocale=ja_JP
LibTIFF - TIFF Library and Utilities
11	FTP Directory	ftp://ftp.remotesensing.org/pub/libtiff/
Red Hat Security Advisory
12	RHSA-2011:0318	https://rhn.redhat.com/errata/RHSA-2011-0318.html
SECURITY BLOG
13	Multiple vulnerabilities in LibTIFF	https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_libtiff

その他

No	Name	URL
JVN
1	JVNVU#556020	http://jvn.jp/cert/JVNVU556020
2	JVNVU#574588	http://jvn.jp/cert/JVNVU574588
3	JVNVU#636925	http://jvn.jp/cert/JVNVU636925
4	JVNVU#643615	http://jvn.jp/cert/JVNVU643615
5	JVNVU#867452	http://jvn.jp/cert/JVNVU867452
Secunia Advisory
6	SA43593	http://secunia.com/advisories/43593
SecurityFocus
7	46658	http://www.securityfocus.com/bid/46658

Change Log

No	Changed Details	Date of change
0	[2011年04月05日] 掲載 [2011年04月28日] ベンダ情報：LibTIFF (FTP Directory) を追加 [2012年04月17日] ベンダ情報：オラクル (Multiple vulnerabilities in LibTIFF) を追加	Feb. 17, 2018, 10:37 a.m.

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:apple:itunes::::::::			10.1.2
cpe:2.3:a:apple:itunes:4.0.0:::::::*
cpe:2.3:a:apple:itunes:4.0.1:::::::*
cpe:2.3:a:apple:itunes:4.1.0:::::::*
cpe:2.3:a:apple:itunes:4.2.0:::::::*
cpe:2.3:a:apple:itunes:4.5:::::::*
cpe:2.3:a:apple:itunes:4.5.0:::::::*
cpe:2.3:a:apple:itunes:4.6:::::::*
cpe:2.3:a:apple:itunes:4.6.0:::::::*
cpe:2.3:a:apple:itunes:4.7:::::::*
cpe:2.3:a:apple:itunes:4.7.0:::::::*
cpe:2.3:a:apple:itunes:4.7.1:::::::*
cpe:2.3:a:apple:itunes:4.7.2:::::::*
cpe:2.3:a:apple:itunes:4.8.0:::::::*
cpe:2.3:a:apple:itunes:4.9.0:::::::*
cpe:2.3:a:apple:itunes:5.0:::::::*
cpe:2.3:a:apple:itunes:5.0.0:::::::*
cpe:2.3:a:apple:itunes:5.0.1:::::::*
cpe:2.3:a:apple:itunes:6.0.0:::::::*
cpe:2.3:a:apple:itunes:6.0.1:::::::*
cpe:2.3:a:apple:itunes:6.0.2:::::::*
cpe:2.3:a:apple:itunes:6.0.3:::::::*
cpe:2.3:a:apple:itunes:6.0.4:::::::*
cpe:2.3:a:apple:itunes:6.0.4.2:::::::*
cpe:2.3:a:apple:itunes:6.0.5:::::::*
cpe:2.3:a:apple:itunes:7.0.0:::::::*
cpe:2.3:a:apple:itunes:7.0.1:::::::*
cpe:2.3:a:apple:itunes:7.0.2:::::::*
cpe:2.3:a:apple:itunes:7.1.0:::::::*
cpe:2.3:a:apple:itunes:7.1.1:::::::*
cpe:2.3:a:apple:itunes:7.2.0:::::::*
cpe:2.3:a:apple:itunes:7.3.0:::::::*
cpe:2.3:a:apple:itunes:7.3.1:::::::*
cpe:2.3:a:apple:itunes:7.3.2:::::::*
cpe:2.3:a:apple:itunes:7.4:::::::*
cpe:2.3:a:apple:itunes:7.4.0:::::::*
cpe:2.3:a:apple:itunes:7.4.1:::::::*
cpe:2.3:a:apple:itunes:7.4.2:::::::*
cpe:2.3:a:apple:itunes:7.4.3:::::::*
cpe:2.3:a:apple:itunes:7.5:::::::*
cpe:2.3:a:apple:itunes:7.5.0:::::::*
cpe:2.3:a:apple:itunes:7.6:::::::*
cpe:2.3:a:apple:itunes:7.6.0:::::::*
cpe:2.3:a:apple:itunes:7.6.1:::::::*
cpe:2.3:a:apple:itunes:7.6.2:::::::*
cpe:2.3:a:apple:itunes:7.7:::::::*
cpe:2.3:a:apple:itunes:7.7.0:::::::*
cpe:2.3:a:apple:itunes:7.7.1:::::::*
cpe:2.3:a:apple:itunes:8.0.0:::::::*
cpe:2.3:a:apple:itunes:8.0.1:::::::*
cpe:2.3:a:apple:itunes:8.0.2:::::::*
cpe:2.3:a:apple:itunes:8.1:::::::*
cpe:2.3:a:apple:itunes:8.1.1:::::::*
cpe:2.3:a:apple:itunes:8.2:::::::*
cpe:2.3:a:apple:itunes:8.2.1:::::::*
cpe:2.3:a:apple:itunes:9.0.0:::::::*
cpe:2.3:a:apple:itunes:9.0.1:::::::*
cpe:2.3:a:apple:itunes:9.0.2:::::::*
cpe:2.3:a:apple:itunes:9.0.3:::::::*
cpe:2.3:a:apple:itunes:9.2:::::::*
cpe:2.3:a:apple:itunes:9.2.1:::::::*
cpe:2.3:a:apple:itunes:10.0:::::::*
cpe:2.3:a:apple:itunes:10.0.1:::::::*
cpe:2.3:a:apple:itunes:10.1:::::::*
cpe:2.3:a:apple:itunes:10.1.1:::::::*
execution environment
1	cpe:2.3:o:microsoft:windows::::::::
2	cpe:2.3:o:microsoft:windows_7::::::::
3	cpe:2.3:o:microsoft:windows_vista::sp1::::::*
4	cpe:2.3:o:microsoft:windows_vista::sp2::::::*
5	cpe:2.3:o:microsoft:windows_vista::::::::
6	cpe:2.3:o:microsoft:windows_xp::sp2::::::*
7	cpe:2.3:o:microsoft:windows_xp::sp3::::::*