LibTIFF 'DOTRANGE' Tags Handling Remote Buffer Overflow Vulnerability

LibTIFF is prone to a stack-based buffer-overflow vulnerability because it fails to properly bounds check user-supplied data before copying it into an insufficiently sized buffer.

Successful exploits allow an attacker to execute arbitrary malicious code in the context of the application using the affected library. Failed exploit attempts will likely crash the application.

This issue is fixed in LibTIFF 4.0.2.


 

Privacy Statement
Copyright 2010, SecurityFocus