BugTraq
iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow Vulnerability Dec 21 2004 10:09PM customer service mailbox (customerservice idefense com) (3 replies)
  Re: iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow Vulnerability Dec 23 2004 11:58AM Moritz Muehlenhoff (muehlenhoff univention de)
  Re: iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow Vulnerability Dec 22 2004 11:45AM Dmitry V. Levin (ldv altlinux org)
> libtiff STRIPOFFSETS Integer Overflow Vulnerability
>
> iDEFENSE Security Advisory 12.21.04
> www.idefense.com/application/poi/display?id=173&type=vulnerabilities
> December 21, 2004
....
> The overflow occurs in the parsing of TIFF files set with the
> STRIPOFFSETS flag in libtiff/tif_dirread.c. In the TIFFFetchStripThing()
> function, the number of strips (nstrips) is used directly in a
> CheckMalloc() routine without sanity checking. The call ultimately boils
>
> - SuSE Linux
This problem had already been fixed in SUSE Linux with the last libtiff
update:
http://www.novell.com/linux/security/advisories/2004_38_libtiff.html
Ciao, Marcus
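The size calculation the quoted advisory describes, as an added example that is not part of the original post and is not libtiff's code: a file-supplied strip count multiplied into an allocation size with and without a sanity check. The function names and the 4-byte entry size are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical helpers, not libtiff code. Sizes are held in 32 bits so the
 * wrap-around is the same on 32-bit and 64-bit hosts. */

/* Unchecked: byte size of a table of nstrips 32-bit entries. */
static uint32_t strip_bytes_unchecked(uint32_t nstrips)
{
    return nstrips * (uint32_t)sizeof(uint32_t);  /* wraps modulo 2^32 */
}

/* Checked: 0 and *out set on success, -1 if the count is zero or the
 * product does not fit in 32 bits. */
static int strip_bytes_checked(uint32_t nstrips, uint32_t *out)
{
    if (nstrips == 0 || nstrips > UINT32_MAX / (uint32_t)sizeof(uint32_t))
        return -1;
    *out = nstrips * (uint32_t)sizeof(uint32_t);
    return 0;
}

/* Allocate the table only when the checked size is valid. */
static uint32_t *alloc_strip_table(uint32_t nstrips)
{
    uint32_t bytes;
    if (strip_bytes_checked(nstrips, &bytes) != 0)
        return NULL;
    return malloc(bytes);
}

int main(void)
{
    /* Constructed sample counts: one ordinary, two past the 2^32 / 4 limit. */
    const uint32_t samples[] = { 16u, 0x40000000u, 0x40000001u };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        uint32_t n = samples[i], bytes = 0;
        int ok = strip_bytes_checked(n, &bytes) == 0;
        printf("nstrips=%#x unchecked=%u bytes (room for %u entries), checked: %s\n",
               (unsigned)n, (unsigned)strip_bytes_unchecked(n),
               (unsigned)(strip_bytes_unchecked(n) / 4u), ok ? "accepted" : "rejected");
    }
    return 0;
}
```

With the unchecked form, the two large counts yield a buffer with room for zero or one entry while the caller still believes it holds the full count; the checked form rejects both before any allocation.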