Computer Security
[EN] securityvulns.ru no-pyccku


libtiff tiff2pdf code execution
Published:13.08.2012
Source:
SecurityVulns ID:12508
Type:library
Threat Level:
5/10
Description:Code exeucution on tiff parsing.
Affected:LIBTIFF : libtiff 3.9
CVE:CVE-2012-3401 (The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow.)
Original documentdocumentMANDRIVA, [ MDVSA-2012:127 ] libtiff (13.08.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod