Debian Security Advisory DSA-567-1. This details which versions of libtiff are affected by issues where specially crafted TIFF graphics could cause a vulnerable client to execute arbitrary code or crash.
Debian Security Advisory
DSA-567-1 tiff -- heap overflows
Date Reported:
15 Oct 2004
Affected Packages:
[9]tiff
Vulnerable:
Yes
Security database references:
In Mitre's CVE dictionary: [10]CAN-2004-0803,
[11]CAN-2004-0804, [12]CAN-2004-0886.
More information:
Several problems have been discovered in libtiff, the Tag Image
File Format library for processing TIFF graphics files. An
attacker could prepare a specially crafted TIFF graphic that
would cause the client to execute arbitrary code or crash. The
Common Vulnerabilities and Exposures Project has identified the
following problems:
+ [13]CAN-2004-0803
Chris Evans discovered several problems in the RLE (run
length encoding) decoders that could lead to arbitrary code
execution.
+ [14]CAN-2004-0804
Matthias Clasen discovered a division by zero through an
integer overflow.
+ [15]CAN-2004-0886
Dmitry V. Levin discovered several integer overflows that
caused malloc issues which can result in either a plain crash
or memory corruption.
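As an added illustration of the integer-overflow class behind CAN-2004-0804 and CAN-2004-0886 (this is not libtiff's code; the struct, field names and functions are hypothetical), the first routine computes a pixel-buffer size with unchecked 32-bit arithmetic, so attacker-chosen dimensions wrap the product to a small value or zero, while the second refuses any product that does not fit before malloc is ever called:

```c
#include <stdint.h>
#include <stdlib.h>
#include <stdio.h>

/* Hypothetical dimensions as a reader would take them from the
 * ImageWidth / ImageLength / BitsPerSample tags of an untrusted file. */
typedef struct {
    uint32_t width;
    uint32_t length;
    uint32_t bytes_per_pixel;
} image_dims;

/* Unchecked: the product silently wraps modulo 2^32. A wrapped size
 * means an undersized malloc (later writes corrupt the heap) or a
 * zero that a later per-row division trips over. */
uint32_t buffer_size_unchecked(const image_dims *d)
{
    return d->width * d->length * d->bytes_per_pixel;
}

/* Hardened: multiply in 64-bit, step by step, and reject any result
 * that exceeds UINT32_MAX or any zero factor. Returns 1 on success. */
int buffer_size_checked(const image_dims *d, uint32_t *out)
{
    uint64_t n;
    if (d->width == 0 || d->length == 0 || d->bytes_per_pixel == 0)
        return 0;
    n = (uint64_t)d->width * d->length;
    if (n > UINT32_MAX)
        return 0;
    n *= d->bytes_per_pixel;
    if (n > UINT32_MAX)
        return 0;
    *out = (uint32_t)n;
    return 1;
}

/* Allocate only when the size survived the check. */
void *alloc_pixels(const image_dims *d)
{
    uint32_t size;
    if (!buffer_size_checked(d, &size))
        return NULL;
    return malloc(size);
}

int main(void)
{
    image_dims bad = { 0x10000u, 0x10000u, 1u }; /* constructed: 2^32 wraps to 0 */
    uint32_t size = 0;
    printf("unchecked size: %u\n", buffer_size_unchecked(&bad));
    printf("checked accepts: %d\n", buffer_size_checked(&bad, &size));
    return 0;
}
```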
For the stable distribution (woody) these problems have been
fixed in version 3.5.5-6woody1.
For the unstable distribution (sid) these problems have been
fixed in version 3.6.1-2.
We recommend that you upgrade your libtiff package.
Fixed in:
Debian GNU/Linux 3.0 (woody)
Source:
[16]http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5-6woody1.dsc
[17]http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5-6woody1.diff.gz
[18]http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5.orig.tar.gz
Alpha:
[19]http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_alpha.deb
[20]http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_alpha.deb
[21]http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_alpha.deb
ARM:
[22]http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_arm.deb
[23]http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_arm.deb
[24]http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_arm.deb
Intel IA-32:
[25]http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_i386.deb
[26]http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_i386.deb
[27]http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_i386.deb
Intel IA-64:
[28]http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_ia64.deb
[29]http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_ia64.deb
[30]http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_ia64.deb
HPPA:
[31]http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_hppa.deb
[32]http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_hppa.deb
[33]http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_hppa.deb
Motorola 680x0:
[34]http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_m68k.deb
[35]http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_m68k.deb
[36]http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_m68k.deb
Big endian MIPS:
[37]http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_mips.deb
[38]http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_mips.deb
[39]http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_mips.deb
Little endian MIPS:
[40]http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_mipsel.deb
[41]http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_mipsel.deb
[42]http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_mipsel.deb
PowerPC:
[43]http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_powerpc.deb
[44]http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_powerpc.deb
[45]http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_powerpc.deb
IBM S/390:
[46]http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_s390.deb
[47]http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_s390.deb
[48]http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_s390.deb
Sun Sparc:
[49]http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_sparc.deb
[50]http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_sparc.deb
[51]http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_sparc.deb
MD5 checksums of the listed files are available in the
[52]original advisory.