exploit the possibilities
Showing 1 - 1 of 1 RSS Feed

Files

Mandriva Linux Security Advisory 2010-146
Posted Aug 6, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-146 - The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service via a crafted TIFF image that triggers an array index error, related to downsampled OJPEG input. Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3 allow remote attackers to execute arbitrary code or cause a denial of service via a crafted TIFF file that triggers a heap-based buffer overflow. Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow. The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers to cause a denial of service via a TIFF file with an invalid combination of SamplesPerPixel and Photometric values. The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service via a crafted TIFF image, related to downsampled OJPEG input and possibly related to a compiler optimization that triggers a divide-by-zero error. The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF directory entries, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF file. Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a long EXIF SubjectDistance field in a TIFF file. tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not properly perform vertical flips, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF image, related to downsampled OJPEG input. LibTIFF 3.9.4 and earlier does not properly handle an invalid td_stripbytecount field, which allows remote attackers to cause a denial of service via a crafted TIFF file, a different vulnerability than CVE-2010-2443. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2010-2595, CVE-2010-1411, CVE-2010-2065, CVE-2010-2483, CVE-2010-2597, CVE-2010-2481, CVE-2010-2067, CVE-2010-2233, CVE-2010-2482
MD5 | 40631af2a0f8063cb9fc05b84d48cfbb
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
We Asked Def Con Attendees Why People Are Still Getting Hacked
Posted Aug 16, 2019

tags | headline, hacker, conference
Judge Orders Georgia To Switch To Paper Ballots For 2020 Elections
Posted Aug 16, 2019

tags | headline, government, usa, fraud
Huawei Africa Spying Claims Denied
Posted Aug 16, 2019

tags | headline, government, china, africa, spyware, facebook
Trump Admin Wants To Extend NSA Phone Surveillance Program
Posted Aug 16, 2019

tags | headline, government, privacy, usa, phone, spyware, nsa
Amazon's Rekognition Software Can Now Spot Fear
Posted Aug 15, 2019

tags | headline, amazon, science
Biostar Security Software Leaked A Million Fingerprints
Posted Aug 15, 2019

tags | headline, data loss, password
Trend Micro Fixes Privilege Escalation Flaw In Password Manager
Posted Aug 15, 2019

tags | headline, flaw, password, patch
700,000 Choice Hotels Records Leaked In Data Breach, Ransom Demanded
Posted Aug 15, 2019

tags | headline, privacy, database, data loss
Facebook Latest To Admit Their Contractors Snoop On Your Conversations
Posted Aug 14, 2019

tags | headline, privacy, facebook, social
Adobe Security Patch Update Covers Quite A Bit
Posted Aug 14, 2019

tags | headline, flaw, adobe, patch
View More News →
packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close