LibTIFF 3.8.2 - 'LZWDecodeCompat' Remote Buffer Underflow Vulnerability

2009-05-21T00:00:00
ID EDB-ID:33049
Type exploitdb
Reporter wololo
Modified 2009-05-21T00:00:00

Description

LibTIFF 3.8.2 'LZWDecodeCompat()' Remote Buffer Underflow Vulnerability. CVE-2009-2285. Dos exploit for linux platform

                                        
                                            source: http://www.securityfocus.com/bid/35451/info

LibTIFF is prone to a remote buffer-underflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.

An attacker can exploit this issue to execute arbitrary malicious code in the context of a user running an application that uses the affected library. Failed exploit attempts will likely crash the application.

LibTIFF 3.8.2 is vulnerable; other versions may be affected as well. 

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33049.zip