Use-after-free vulnerability in the t2p_readwrite_pdf_image function in tools/tiff2pdf.c in libtiff 4.0.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted TIFF image.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Libtiff | Libtiff | 4.0.3 (including) | 4.0.3 (including) |
| Red Hat Enterprise Linux 5 | RedHat | libtiff-0:3.8.2-19.el5_10 | * |
| Red Hat Enterprise Linux 6 | RedHat | libtiff-0:3.9.4-10.el6_5 | * |
| Tiff | Ubuntu | lucid | * |
| Tiff | Ubuntu | precise | * |
| Tiff | Ubuntu | quantal | * |
| Tiff | Ubuntu | raring | * |
| Tiff | Ubuntu | saucy | * |
| Tiff | Ubuntu | upstream | * |
References
- http://bugzilla.maptools.org/show_bug.cgi?id=2449
- http://rhn.redhat.com/errata/RHSA-2014-0223.html
- http://secunia.com/advisories/54543
- http://secunia.com/advisories/54628
- http://www.asmail.be/msg0055359936.html
- http://www.debian.org/security/2013/dsa-2744
- http://www.openwall.com/lists/oss-security/2013/08/10/2
- https://bugzilla.redhat.com/show_bug.cgi?id=995975
- http://bugzilla.maptools.org/show_bug.cgi?id=2449
- http://rhn.redhat.com/errata/RHSA-2014-0223.html
- http://secunia.com/advisories/54543
- http://secunia.com/advisories/54628
- http://www.asmail.be/msg0055359936.html
- http://www.debian.org/security/2013/dsa-2744
- http://www.openwall.com/lists/oss-security/2013/08/10/2
- https://bugzilla.redhat.com/show_bug.cgi?id=995975