Ubuntu Security Notice 639-1 - Drew Yao discovered that the TIFF library did not correctly validate LZW compressed TIFF images. If a user or automated system were tricked into processing a malicious image, a remote attacker could execute arbitrary code or cause an application linked against libtiff to crash, leading to a denial of service.
7425ed6ce5a705daa62cf3c489f5af480a0daa6f5c020b5c007d7196b3cb683c