CVE-2011-0191

N/A Unknown

Published: March 03, 2011 Modified: April 29, 2026

Description

Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with JPEG encoding.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html

Source: product-security@apple.com

http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html

Source: product-security@apple.com

http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html

Source: product-security@apple.com

http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html

Source: product-security@apple.com

Patch Vendor Advisory

http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html

Source: product-security@apple.com

http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html

Source: product-security@apple.com

http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html

Source: product-security@apple.com

http://secunia.com/advisories/43934

Source: product-security@apple.com

http://support.apple.com/kb/HT4554

Source: product-security@apple.com

Vendor Advisory

http://support.apple.com/kb/HT4564

Source: product-security@apple.com

http://support.apple.com/kb/HT4565

Source: product-security@apple.com

http://support.apple.com/kb/HT4566

Source: product-security@apple.com

http://support.apple.com/kb/HT4581

Source: product-security@apple.com

http://www.debian.org/security/2011/dsa-2210

Source: product-security@apple.com

http://www.mandriva.com/security/advisories?name=MDVSA-2011:064

Source: product-security@apple.com

http://www.securityfocus.com/bid/46657

Source: product-security@apple.com

http://www.vupen.com/english/advisories/2011/0845

Source: product-security@apple.com

http://www.vupen.com/english/advisories/2011/0859

Source: product-security@apple.com

http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/43934

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.apple.com/kb/HT4554

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://support.apple.com/kb/HT4564

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.apple.com/kb/HT4565

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.apple.com/kb/HT4566

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.apple.com/kb/HT4581

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2011/dsa-2210

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDVSA-2011:064

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/46657

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2011/0845

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2011/0859

Source: af854a3a-2127-422b-91ae-364da2661108

36 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

6.7%

93th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-119

Affected Vendors

apple microsoft

Related CVEs

CVE-2026-40941 N/A

CVE-2026-40084 6.5

CVE-2026-40083 7.2

CVE-2026-40082 5.4

CVE-2026-40080 6.1