[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

RHSA-2011:0392-01 -- Redhat libtiff

ID: oval:org.secpod.oval:def:500127Date: (C)2012-01-31   (M)2023-12-07
Class: PATCHFamily: unix




The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. A heap-based buffer overflow flaw was found in the way libtiff processed certain TIFF files encoded with a 4-bit run-length encoding scheme from ThunderScan. An attacker could use this flaw to create a specially-crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code. This update also fixes the following bug: * The RHSA-2011:0318 libtiff update introduced a regression that prevented certain TIFF Internet Fax image files, compressed with the CCITT Group 4 compression algorithm, from being read. All libtiff users should upgrade to these updated packages, which contain a backported patch to resolve these issues. All running applications linked against libtiff must be restarted for this update to take effect.

Platform:
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 4
Product:
libtiff
Reference:
RHSA-2011:0392-01
CVE-2011-1167
CVE    1
CVE-2011-1167
CPE    51
cpe:/a:libtiff:libtiff:3.9.2-5.2.1
cpe:/a:libtiff:libtiff
cpe:/a:libtiff:libtiff:3.8.0
cpe:/a:libtiff:libtiff:3.6.1
...

© SecPod Technologies