CVE-2010-2482

Name of the Vulnerable Software and Affected Versions LibTIFF versions 3.9.4 and earlier tiff versions prior to 4.0.2-r1

Description The issue arises from improper handling of an invalid td stripbytecount field in crafted TIFF files, leading to a denial of service through a NULL pointer dereference and application crash. Additionally, multiple vulnerabilities in the tiff package can compromise the confidentiality, integrity, and availability of protected information, with potential for remote exploitation.

Recommendations For LibTIFF versions 3.9.4 and earlier, update to a version later than 3.9.4 to resolve the issue. For tiff versions prior to 4.0.2-r1, update to version 4.0.2-r1 or later to address the vulnerabilities.