VIR Vulnerability Intelligence Relay

CVE-2012-4564

medium
Published 2012-11-11 · Modified 2026-04-29
CVSS v3
CVSS v2
6.8
VIR risk
6.8

Description

ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based buffer overflow.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2012-4564

vendor Authored 2026-05-27

Vendor advisory: secalert@redhat.com — https://bugzilla.redhat.com/show_bug.cgi?id=871700

vendor Authored 2026-05-27

Vendor advisory: secalert@redhat.com — http://secunia.com/advisories/51133

OS impact
OSVersionStatusFixed in
ubuntu ubuntu8.04affected
ubuntu ubuntu10.04affected
ubuntu ubuntu11.10affected
ubuntu ubuntu12.04affected
ubuntu ubuntu12.10affected
suse suse11.4affected
debian debian6.0affected
debian debian7.0affected
redhat rhel5.0affected
redhat rhel6.0affected
redhat rhel6.3affected
debian debianbookwormfixed4.0.2-5
debian debianbullseyefixed4.0.2-5
debian debianforkyfixed4.0.2-5
debian debiansidfixed4.0.2-5
debian debiantrixiefixed4.0.2-5

Application impact
VendorProductVersionsFixed
libtifflibtiff{"endIncluding":"4.0.3"}

References

Verify integrity in audit chain (admin only). AS-IS.