Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.
distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000888
marc.info/?l=bugtraq&m=109778785107450&w=2
scary.beasts.org/security/CESA-2004-006.txt
secunia.com/advisories/12818
sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1
sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1
www.debian.org/security/2004/dsa-567
www.gentoo.org/security/en/glsa/glsa-200410-11.xml
www.kb.cert.org/vuls/id/948752
www.kde.org/info/security/advisory-20041209-2.txt
www.mandriva.com/security/advisories?name=MDKSA-2004:109
www.mandriva.com/security/advisories?name=MDKSA-2005:052
www.novell.com/linux/security/advisories/2004_38_libtiff.html
www.redhat.com/support/errata/RHSA-2004-577.html
www.redhat.com/support/errata/RHSA-2005-021.html
www.redhat.com/support/errata/RHSA-2005-354.html
www.securityfocus.com/bid/11406
exchange.xforce.ibmcloud.com/vulnerabilities/17703
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100114
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8896