Mandriva Linux Security Advisory 2012-174 - Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format. ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based buffer overflow. The updated packages have been patched to correct these issues.
77a768adbe80cd4b982ace89f614bb542baed7f98b9bac2b9895f19f597fdf85-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2012:174
http://www.mandriva.com/security/
_______________________________________________________________________
Package : libtiff
Date : November 22, 2012
Affected: 2011., Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities was found and corrected in libtiff:
Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3
allows remote attackers to cause a denial of service (application
crash) and possibly execute arbitrary code via a crafted TIFF image
using the PixarLog Compression format (CVE-2012-4447).
ppm2tiff does not check the return value of the TIFFScanlineSize
function, which allows remote attackers to cause a denial of service
(crash) and possibly execute arbitrary code via a crafted PPM image
that triggers an integer overflow, a zero-memory allocation, and a
heap-based buffer overflow (CVE-2012-4564).
The updated packages have been patched to correct these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4447
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4564
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2011:
1c3b7205e5c9c032c342b3cffdaaa4e0 2011/i586/libtiff3-3.9.5-1.4-mdv2011.0.i586.rpm
01033b253d303aacc572a55202ecdbda 2011/i586/libtiff-devel-3.9.5-1.4-mdv2011.0.i586.rpm
bfe4f6d0387874084596b8ba4d503229 2011/i586/libtiff-progs-3.9.5-1.4-mdv2011.0.i586.rpm
fa39228d1a7ab0fea42beda812651976 2011/i586/libtiff-static-devel-3.9.5-1.4-mdv2011.0.i586.rpm
23dfc5da956a6b0a20fa8a22a9eeb3c0 2011/SRPMS/libtiff-3.9.5-1.4.src.rpm
Mandriva Linux 2011/X86_64:
fd52f90d6f819996e58193b261cdb27b 2011/x86_64/lib64tiff3-3.9.5-1.4-mdv2011.0.x86_64.rpm
d818311ad57d872948357a9265e1fbfa 2011/x86_64/lib64tiff-devel-3.9.5-1.4-mdv2011.0.x86_64.rpm
fca4bcdb23487d73da93f88107d051e1 2011/x86_64/lib64tiff-static-devel-3.9.5-1.4-mdv2011.0.x86_64.rpm
b7ebfba2f1c200c0946582fdff7bb1ff 2011/x86_64/libtiff-progs-3.9.5-1.4-mdv2011.0.x86_64.rpm
23dfc5da956a6b0a20fa8a22a9eeb3c0 2011/SRPMS/libtiff-3.9.5-1.4.src.rpm
Mandriva Enterprise Server 5:
157bb1f11666282583f7fccb899ea8d0 mes5/i586/libtiff3-3.8.2-12.9mdvmes5.2.i586.rpm
5f674bd895134e591a9fa5e59b311d62 mes5/i586/libtiff3-devel-3.8.2-12.9mdvmes5.2.i586.rpm
2bd89b0b77b0ec1ae01189baa798d522 mes5/i586/libtiff3-static-devel-3.8.2-12.9mdvmes5.2.i586.rpm
c53d009a1d82b7be97e4405f422e2e0f mes5/i586/libtiff-progs-3.8.2-12.9mdvmes5.2.i586.rpm
e5181e34b5feb4ca18a0498d29065cb5 mes5/SRPMS/libtiff-3.8.2-12.9mdvmes5.2.src.rpm
Mandriva Enterprise Server 5/X86_64:
62dd7b0a037b19d7d95aff18d8dd9291 mes5/x86_64/lib64tiff3-3.8.2-12.9mdvmes5.2.x86_64.rpm
28a4bd37d769b3136fcc31f7d64bf67b mes5/x86_64/lib64tiff3-devel-3.8.2-12.9mdvmes5.2.x86_64.rpm
a19fd768a016968b5b733ee0e29f1bb9 mes5/x86_64/lib64tiff3-static-devel-3.8.2-12.9mdvmes5.2.x86_64.rpm
bd7688430b424fcfdea1c73a2b5696de mes5/x86_64/libtiff-progs-3.8.2-12.9mdvmes5.2.x86_64.rpm
e5181e34b5feb4ca18a0498d29065cb5 mes5/SRPMS/libtiff-3.8.2-12.9mdvmes5.2.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFQrgq2mqjQ0CJFipgRAkByAJ0diVceShgchgAtC0eezhdmEq96DACfbGBz
F9ViBvaHWjx2gEEl9A/dRVE=
=bIj/
-----END PGP SIGNATURE-----
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed