Wind River Support Network

HomeDefectsLIN6-6758
Fixed

LIN6-6758 : Security Advisory - libtiff - CVE-2013-4231

Created: Feb 16, 2014    Updated: Dec 3, 2018
Resolved Date: Apr 8, 2014
Previous ID: LIN3-35668
Found In Version: 6.0.0.6
Fix Version: 6.0.0.6
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Userspace

Description

Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) extension block in a GIF image or (2) GIF raster image to tools/gif2tiff.c or (3) a long filename for a TIFF image to tools/rgb2ycbcr.c.  NOTE: vectors 1 and 3 are disputed by Red Hat, which states that the input cannot exceed the allocated buffer size.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4231

Other Downloads


Live chat
Online