Download
| Alert*
oval:org.secpod.oval:def:17225
The host is installed with Apple Safari before 3.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a maliciously crafted TIFF image. Successful exploitation could allow attackers to crash the service or execute arbitrary code. oval:org.secpod.oval:def:301509 Drew Yaro of the Apple Product Security Team reported multiple uses of uninitialized values in libtiff"s LZW compression algorithm decoder. An attacker could create a carefully crafted LZW-encoded TIFF file that would cause an application linked to libtiff to crash or potentially execute arbitrary c ... oval:org.mitre.oval:def:7619 Drew Yao discovered that libTIFF, a library for handling the Tagged Image File Format, is vulnerable to a programming error allowing malformed tiff files to lead to a crash or execution of arbitrary code. oval:org.secpod.oval:def:17233 The host is missing a security update according to Apple advisory, APPLE-SA-2008-11-13. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to obtain sensitive inf ... oval:org.secpod.oval:def:102091 The libtiff package contains a library of functions for manipulating TIFF image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if you need to manipulate TIFF f ... |