Bugtraq mailing list archives
Re: iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow Vulnerability
From: Marcus Meissner <meissner () suse de>
Date: Mon, 27 Dec 2004 11:37:02 +0100
On Tue, Dec 21, 2004 at 05:09:30PM -0500, customer service mailbox wrote:
libtiff STRIPOFFSETS Integer Overflow Vulnerability
iDEFENSE Security Advisory 12.21.04
www.idefense.com/application/poi/display?id=173&type=vulnerabilities
December 21, 2004
....
The overflow occurs in the parsing of TIFF files set with the STRIPOFFSETS flag in libtiff/tif_dirread.c. In the TIFFFetchStripThing() function, the number of strips (nstrips) is used directly in a CheckMalloc() routine without sanity checking. The call ultimately boils - SuSE Linux
This problem had already been fixed in SUSE Linux with the last libtiff update:
http://www.novell.com/linux/security/advisories/2004_38_libtiff.html

Ciao, Marcus
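The quoted advisory describes a strip count (nstrips) read from the file and used in an allocation without sanity checking. The sketch below is an added example, not code from this post or from libtiff: it models the size computation in 32-bit arithmetic and shows a checked form beside it. All function names are hypothetical, and the file-size bound is an extra plausibility check assumed here, not the vendor's fix.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Unchecked pattern: the strip count comes straight from the file and the
 * byte size is computed in 32-bit arithmetic, so it wraps modulo 2^32. */
static uint32_t unchecked_size(uint32_t nstrips, uint32_t elem_size)
{
    return nstrips * elem_size;
}

/* Checked pattern: reject a zero count, a product that would wrap, and
 * (added plausibility bound) an array larger than the file it came from.
 * Returns 0 and stores the byte size in *out, or -1 on rejection. */
static int checked_size(uint32_t nstrips, uint32_t elem_size,
                        uint64_t file_size, uint32_t *out)
{
    if (nstrips == 0 || elem_size == 0)
        return -1;
    if (nstrips > UINT32_MAX / elem_size)
        return -1;
    if ((uint64_t)nstrips * elem_size > file_size)
        return -1;
    *out = nstrips * elem_size;
    return 0;
}

/* Hypothetical caller: allocate the per-strip array only after the check. */
static uint32_t *alloc_strip_array(uint32_t nstrips, uint64_t file_size)
{
    uint32_t bytes;
    if (checked_size(nstrips, (uint32_t)sizeof(uint32_t), file_size, &bytes) != 0)
        return NULL;
    return malloc(bytes);
}

int main(void)
{
    uint32_t n = 0x40000001u;   /* constructed count: n * 4 wraps to 4 */
    printf("unchecked size for %u strips: %u bytes\n",
           (unsigned)n, (unsigned)unchecked_size(n, 4));
    uint32_t *p = alloc_strip_array(n, 4096);
    printf("checked allocation: %s\n", p ? "allocated" : "rejected");
    free(p);
    return 0;
}
```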
Current thread:
- iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow Vulnerability customer service mailbox (Dec 21)
- Re: iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow Vulnerability Dmitry V. Levin (Dec 22)
- Re: iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow Vulnerability Moritz Muehlenhoff (Dec 23)
- Re: iDEFENSE Security Advisory 12.21.04: libtiff STRIPOFFSETS Integer Overflow Vulnerability Marcus Meissner (Dec 28)