Wind River Support Network

HomeDefectsLIN5-18073
Fixed

LIN5-18073 : Security Advisory - libtiff - CVE-2013-4231

Created: Feb 16, 2014    Updated: Dec 19, 2017
Resolved Date: Apr 8, 2014
Found In Version: 5.0.1.14
Fix Version: 5.0.1.14
Severity: Standard
Applicable for: Wind River Linux 5
Component/s: Userspace

Description

Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) extension block in a GIF image or (2) GIF raster image to tools/gif2tiff.c or (3) a long filename for a TIFF image to tools/rgb2ycbcr.c.  NOTE: vectors 1 and 3 are disputed by Red Hat, which states that the input cannot exceed the allocated buffer size.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4231

Other Downloads


Live chat
Online