The tiff library for handling TIFF image files contained a stack-based
buffer overflow, potentially allowing attackers who can submit such
files to a vulnerable system to execute arbitrary code.
For the stable distribution (squeeze), this problem has been fixed in
version 3.9.4-5+squeeze8.
For the testing distribution (wheezy) and the unstable distribution
(sid), this problem has been fixed in version 4.0.2-1 of the tiff
package, and version 3.9.6-10 of the tiff3 package.
We recommend that you upgrade your tiff packages.
CPE | Name | Operator | Version |
---|---|---|---|
tiff | eq | 3.9.4-5 | |
tiff | eq | 3.9.4-5+squeeze1 | |
tiff | eq | 3.9.4-5+squeeze2 | |
tiff | eq | 3.9.4-5+squeeze3 | |
tiff | eq | 3.9.4-5+squeeze4 | |
tiff | eq | 3.9.4-5+squeeze5 | |
tiff | eq | 3.9.4-5+squeeze6 | |
tiff | eq | 3.9.4-5+squeeze7 |