OpenBSD VuXML: Documenting security issues in the OpenBSD Ports & Packages Collection

tiff -- multiple vulnerabilities

Affected packages
tiff < 3.6.1p6

Details

VuXML ID d045aeb6-9ea6-11d9-9623-00065bd5b0b6
Discovery 2004-12-29
Entry 2005-03-27

Dmitry V. Levin has reported a vulnerability in LibTIFF, which potentially can be exploited by malicious people to compromise a user's system.

[source]

infamous41md discovered a problem in libtiff, the Tag Image File Format library for processing TIFF graphics files. Upon reading a TIFF file it is possible to allocate a zero sized buffer and write to it which would lead to the execution of arbitrary code.

[source]

References

CVE Name CAN-2004-1183
CVE Name CAN-2004-1308

Copyright © 2003-2005 Jacques Vidrine, Robert Nagy, and contributors.
Please see the source of this document for full copyright information.