[Fwd: [SA19838] LibTIFF Multiple Vulnerabilities]
Marcus Alves Grando
mnag at FreeBSD.org
Fri Apr 28 14:39:40 UTC 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Can someone update graphics/linux-tiff to fix this issue?
Thanks
- -------- Original Message --------
Subject: [SA19838] LibTIFF Multiple Vulnerabilities
Date: 28 Apr 2006 09:33:52 -0000
From: Secunia Security Advisories <sec-adv at secunia.com>
To: marcus at corp.grupos.com.br
TITLE:
LibTIFF Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA19838
VERIFY ADVISORY:
http://secunia.com/advisories/19838/
CRITICAL:
Moderately critical
IMPACT:
DoS, System access
WHERE:
- From remote
SOFTWARE:
LibTIFF 3.x
http://secunia.com/product/4053/
DESCRIPTION:
Tavis Ormandy has reported some vulnerabilities in LibTIFF, which can
be exploited by malicious people to cause a DoS (Denial of Service)
and potentially to compromise a user's system.
1) Several unspecified errors in the "TIFFFetchAnyArray()" function
and in the cleanup functions can be exploited to crash an application
linked against LibTIFF when a specially crafted TIFF image is
processed.
2) An integer overflow error in the "TIFFFetchData()" function in
tif_dirread.c can be exploited to crash an application linked against
LibTIFF and may allow arbitrary code execution when a specially
crafted TIFF image is processed.
3) A double free error in tif_jpeg.c within the setfield/getfield
methods in the cleanup functions can be exploited to crash an
application linked against LibTIFF and may allow arbitrary code
execution when a specially crafted TIFF image is processed.
The vulnerabilities have been reported in version 3.8.0. Prior
versions may also be affected.
SOLUTION:
Update to version 3.8.1 or later.
http://www.remotesensing.org/libtiff/
PROVIDED AND/OR DISCOVERED BY:
Tavis Ormandy
ORIGINAL ADVISORY:
http://www.remotesensing.org/libtiff/v3.8.1.html
http://bugzilla.remotesensing.org/show_bug.cgi?id=1102
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189933
- ----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
- ----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=marcus%40corp.grupos.com.br
- ----------------------------------------------------------------------
- --
Marcus Alves Grando
FreeBSD Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFEUikli+5fOs3MJz8RAsNfAJ4uUn8CCjpAVTeBPUTbqKf4HfqumgCfXZd+
EsvaV6xjmgla8V9bvO4r2ks=
=KkmQ
-----END PGP SIGNATURE-----
More information about the freebsd-emulation
mailing list