Computer Security
[EN] securityvulns.ru no-pyccku


libtiff buffer overflow
updated since 28.10.2012
Published:18.11.2012
Source:
SecurityVulns ID:12671
Type:library
Threat Level:
6/10
Description:Buffer overflow on PixarLog comperssion parsing, ppm2tiff buffer overflow.
Affected:LIBTIFF : libtiff 4.0
CVE:CVE-2012-4564 (ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based buffer overflow.)
 CVE-2012-4447 (Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2561-1] tiff security update (28.10.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod