Libtiff supports reading, writing, and manipulating of TIFF image files. iDEFENSE reported an integer overflow in libtiff that can be exploited by specific TIFF images to trigger a heap-based buffer overflow afterwards.
There is no workaround known.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE | 9.0 | x86_64 | libtiff | <Â 3.5.7-379 | libtiff-3.5.7-379.x86_64.rpm |
openSUSE | 9.0 | i586 | tiff | <Â 3.5.7-379 | tiff-3.5.7-379.i586.rpm |
openSUSE | 9.2 | x86_64 | libtiff-devel | <Â 3.6.1-47.4 | libtiff-devel-3.6.1-47.4.x86_64.rpm |
openSUSE | 8.2 | i586 | tiff | <Â 3.5.7-379 | tiff-3.5.7-379.i586.rpm |
openSUSE | 8.2 | i586 | libtiff | <Â 3.5.7-379 | libtiff-3.5.7-379.i586.rpm |
openSUSE | 9.1 | x86_64 | tiff | <Â 3.6.1-38.14 | tiff-3.6.1-38.14.x86_64.rpm |
openSUSE | 9.2 | i586 | tiff | <Â 3.6.1-47.4 | tiff-3.6.1-47.4.i586.rpm |
openSUSE | 9.2 | x86_64 | tiff | <Â 3.6.1-47.4 | tiff-3.6.1-47.4.x86_64.rpm |
openSUSE | 9.2 | i586 | libtiff | <Â 3.6.1-47.4 | libtiff-3.6.1-47.4.i586.rpm |
openSUSE | 9.1 | i586 | libtiff | <Â 3.6.1-38.14 | libtiff-3.6.1-38.14.i586.rpm |