Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Libtiff | Libtiff | 3.4 (including) | 3.4 (including) |
Libtiff | Libtiff | 3.5.1 (including) | 3.5.1 (including) |
Libtiff | Libtiff | 3.5.2 (including) | 3.5.2 (including) |
Libtiff | Libtiff | 3.5.3 (including) | 3.5.3 (including) |
Libtiff | Libtiff | 3.5.4 (including) | 3.5.4 (including) |
Libtiff | Libtiff | 3.5.5 (including) | 3.5.5 (including) |
Libtiff | Libtiff | 3.5.7 (including) | 3.5.7 (including) |
Libtiff | Libtiff | 3.6.0 (including) | 3.6.0 (including) |
Libtiff | Libtiff | 3.6.1 (including) | 3.6.1 (including) |
Pdf_library | Pdflib | 5.0.2 (including) | 5.0.2 (including) |
Wxgtk2 | Wxgtk2 | * | * |
Wxgtk2 | Wxgtk2 | 2.5_.0 (including) | 2.5_.0 (including) |
Red Hat Enterprise Linux 3 | RedHat | libtiff-0:3.5.7-20.1 | * |
Red Hat Enterprise Linux 3 | RedHat | kdegraphics-7:3.1.3-3.7 | * |
Red Hat Enterprise Linux 3 | RedHat | tetex-0:1.0.7-67.7 | * |
Tiff | Ubuntu | dapper | * |
Tiff | Ubuntu | devel | * |
Tiff | Ubuntu | edgy | * |
Tiff | Ubuntu | feisty | * |