Lucene search

K
seebugRootSSV:3922
HistoryAug 27, 2008 - 12:00 a.m.

LibTIFF 'tif_lzw.c'远程整数下溢漏洞

2008-08-2700:00:00
Root
www.seebug.org
22

EPSS

0.008

Percentile

81.9%

BUGTRAQ ID:30832
CVE ID:CVE-2008-2327
CNCVE ID:CNCVE-20082327

LibTiff是一款负责对TIFF图象格式进行编码/解码的应用库。
LibTIFF 'tif_lzw.c’存在整数下溢问题,远程攻击者可以利用漏洞以链接此库的应用程序权限执行任意指令。
libtiff/tif_lzw.c代码中的"LZWDecode()"和"LZWDecodeCompat()"函数存在错误,通过构建特殊的TIFF文件,诱使用户访问,可触发缓冲区下溢,导致以链接此库的应用程序权限执行任意指令。

LibTIFF LibTIFF 3.8.2

  • Debian Linux 3.1 sparc
  • Debian Linux 3.1 s/390
  • Debian Linux 3.1 ppc
  • Debian Linux 3.1 mipsel
  • Debian Linux 3.1 mips
  • Debian Linux 3.1 m68k
  • Debian Linux 3.1 ia-64
  • Debian Linux 3.1 ia-32
  • Debian Linux 3.1 hppa
  • Debian Linux 3.1 arm
  • Debian Linux 3.1 alpha
  • Debian Linux 3.1
    LibTIFF LibTIFF 3.7.2
  • Debian Linux 3.1 sparc
  • Debian Linux 3.1 s/390
  • Debian Linux 3.1 ppc
  • Debian Linux 3.1 mipsel
  • Debian Linux 3.1 mips
  • Debian Linux 3.1 m68k
  • Debian Linux 3.1 ia-64
  • Debian Linux 3.1 ia-32
  • Debian Linux 3.1 hppa
  • Debian Linux 3.1 arm
  • Debian Linux 3.1 alpha
  • Debian Linux 3.1
    Debian Linux 4.0 sparc
    Debian Linux 4.0 s/390
    Debian Linux 4.0 powerpc
    Debian Linux 4.0 mipsel
    Debian Linux 4.0 mips
    Debian Linux 4.0 m68k
    Debian Linux 4.0 ia-64
    Debian Linux 4.0 ia-32
    Debian Linux 4.0 hppa
    Debian Linux 4.0 arm
    Debian Linux 4.0 amd64
    Debian Linux 4.0 alpha
    Debian Linux 4.0

Debian Linux操作系统可参考如下升级程序:
Debian Linux 4.0 amd64
Debian libtiff-opengl_3.8.2-7+etch1_amd64.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8</a> .2-7+etch1_amd64.deb
Debian libtiff-tools_3.8.2-7+etch1_amd64.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.</a> 2-7+etch1_amd64.deb
Debian libtiff4-dev_3.8.2-7+etch1_amd64.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2</a> -7+etch1_amd64.deb
Debian libtiff4_3.8.2-7+etch1_amd64.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-7+e” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-7+e</a> tch1_amd64.deb
Debian libtiffxx0c2_3.8.2-7+etch1_amd64.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2</a> -7+etch1_amd64.deb
Debian Linux 4.0 mipsel
Debian libtiff-opengl_3.8.2-7+etch1_mipsel.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8</a> .2-7+etch1_mipsel.deb
Debian libtiff-tools_3.8.2-7+etch1_mipsel.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.</a> 2-7+etch1_mipsel.deb
Debian libtiff4-dev_3.8.2-7+etch1_mipsel.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2</a> -7+etch1_mipsel.deb
Debian libtiff4_3.8.2-7+etch1_mipsel.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-7+e” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-7+e</a> tch1_mipsel.deb
Debian libtiffxx0c2_3.8.2-7+etch1_mipsel.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2</a> -7+etch1_mipsel.deb
Debian Linux 4.0 ia-32
Debian libtiff-opengl_3.8.2-7+etch1_i386.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8</a> .2-7+etch1_i386.deb
Debian libtiff-tools_3.8.2-7+etch1_i386.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.</a> 2-7+etch1_i386.deb
Debian libtiff4-dev_3.8.2-7+etch1_i386.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2</a> -7+etch1_i386.deb
Debian libtiff4_3.8.2-7+etch1_i386.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-7+e” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-7+e</a> tch1_i386.deb
Debian libtiffxx0c2_3.8.2-7+etch1_i386.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2</a> -7+etch1_i386.deb
Debian Linux 4.0 hppa
Debian libtiff-opengl_3.8.2-7+etch1_hppa.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8</a> .2-7+etch1_hppa.deb
Debian libtiff-tools_3.8.2-7+etch1_hppa.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.</a> 2-7+etch1_hppa.deb
Debian libtiff4-dev_3.8.2-7+etch1_hppa.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2</a> -7+etch1_hppa.deb
Debian libtiff4_3.8.2-7+etch1_hppa.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-7+e” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-7+e</a> tch1_hppa.deb
Debian libtiffxx0c2_3.8.2-7+etch1_hppa.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2</a> -7+etch1_hppa.deb
Debian Linux 4.0 sparc
Debian libtiff-opengl_3.8.2-7+etch1_sparc.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8</a> .2-7+etch1_sparc.deb
Debian libtiff-tools_3.8.2-7+etch1_sparc.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.</a> 2-7+etch1_sparc.deb
Debian libtiff4-dev_3.8.2-7+etch1_sparc.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2</a> -7+etch1_sparc.deb
Debian libtiff4_3.8.2-7+etch1_sparc.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-7+e” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-7+e</a> tch1_sparc.deb
Debian libtiffxx0c2_3.8.2-7+etch1_sparc.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2</a> -7+etch1_sparc.deb
Debian Linux 4.0 s/390
Debian libtiff-opengl_3.8.2-7+etch1_s390.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8</a> .2-7+etch1_s390.deb
Debian libtiff-tools_3.8.2-7+etch1_s390.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.</a> 2-7+etch1_s390.deb
Debian libtiff4-dev_3.8.2-7+etch1_s390.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2</a> -7+etch1_s390.deb
Debian libtiff4_3.8.2-7+etch1_s390.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-7+e” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-7+e</a> tch1_s390.deb
Debian libtiffxx0c2_3.8.2-7+etch1_s390.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2</a> -7+etch1_s390.deb
Debian Linux 4.0 powerpc
Debian libtiff-opengl_3.8.2-7+etch1_powerpc.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8</a> .2-7+etch1_powerpc.deb
Debian libtiff-tools_3.8.2-7+etch1_powerpc.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.</a> 2-7+etch1_powerpc.deb
Debian libtiff4-dev_3.8.2-7+etch1_powerpc.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2</a> -7+etch1_powerpc.deb
Debian libtiff4_3.8.2-7+etch1_powerpc.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-7+e” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-7+e</a> tch1_powerpc.deb
Debian libtiffxx0c2_3.8.2-7+etch1_powerpc.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2</a> -7+etch1_powerpc.deb
Debian Linux 4.0 alpha
Debian libtiff-opengl_3.8.2-7+etch1_alpha.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8</a> .2-7+etch1_alpha.deb
Debian libtiff-tools_3.8.2-7+etch1_alpha.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.</a> 2-7+etch1_alpha.deb
Debian libtiff4-dev_3.8.2-7+etch1_alpha.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2</a> -7+etch1_alpha.deb
Debian libtiff4_3.8.2-7+etch1_alpha.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-7+e” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-7+e</a> tch1_alpha.deb
Debian libtiffxx0c2_3.8.2-7+etch1_alpha.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2</a> -7+etch1_alpha.deb
Debian Linux 4.0 ia-64
Debian libtiff-opengl_3.8.2-7+etch1_ia64.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8</a> .2-7+etch1_ia64.deb
Debian libtiff-tools_3.8.2-7+etch1_ia64.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.</a> 2-7+etch1_ia64.deb
Debian libtiff4-dev_3.8.2-7+etch1_ia64.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2</a> -7+etch1_ia64.deb
Debian libtiff4_3.8.2-7+etch1_ia64.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-7+e” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-7+e</a> tch1_ia64.deb
Debian libtiffxx0c2_3.8.2-7+etch1_ia64.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2</a> -7+etch1_ia64.deb
Debian Linux 4.0 mips
Debian libtiff-opengl_3.8.2-7+etch1_mips.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8</a> .2-7+etch1_mips.deb
Debian libtiff-tools_3.8.2-7+etch1_mips.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.</a> 2-7+etch1_mips.deb
Debian libtiff4-dev_3.8.2-7+etch1_mips.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2</a> -7+etch1_mips.deb
Debian libtiff4_3.8.2-7+etch1_mips.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-7+e” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-7+e</a> tch1_mips.deb
Debian libtiffxx0c2_3.8.2-7+etch1_mips.deb
<a href=“http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2” target=“_blank”>http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2</a> -7+etch1_mips.deb