CVE-2010-2598

Name of the Vulnerable Software and Affected Versions libtiff-devel versions 3.5.7 Red Hat Enterprise Linux (RHEL) 3 on x86 64 platforms CentOS versions with libtiff-devel-3.5.7

Description The issue affects the libtiff-devel package in Red Hat Enterprise Linux and CentOS, allowing remote attackers to exploit multiple vulnerabilities. These vulnerabilities can lead to a breach of confidentiality, integrity, and availability of protected information. The exploitation can be done remotely. In Red Hat Enterprise Linux 3 on x86 64 platforms, the LibTIFF issue is related to the processing of downsampled OJPEG input in TIFF images, which can cause a denial of service when a crafted TIFF image is used.

Recommendations For libtiff-devel version 3.5.7, consider updating to a newer version that includes the necessary security patches. For Red Hat Enterprise Linux (RHEL) 3 on x86 64 platforms, update the system to ensure the LibTIFF package is patched to prevent the denial of service issue. For CentOS with libtiff-devel-3.5.7, update the libtiff-devel package to a version that is not vulnerable to the mentioned issues.