| |||||||||||||||||||
Pardus alert 2010-81 (tiff)
------------------------------------------------------------------------ Pardus Linux Security Advisory 2010-81 security@pardus.org.tr ------------------------------------------------------------------------ Date: 2010-06-15 Severity: 3 Type: Local ------------------------------------------------------------------------ Summary ======= Multiple integer overflows have been fixed in tiff which can be used by malicious people to execute arbitrary code. Description =========== Multiple integer overflows in the handling of TIFF files may result in a heap buffer overflow. Opening a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution. These issues are addressed through improved bounds checking. Credit to Kevin Finisterre of digitalmunition.com for reporting this issue. Affected packages: Pardus 2009: tiff, all before 3.8.2-15-10 Resolution ========== There are update(s) for tiff. You can update them via Package Manager or with a single command from console: pisi up tiff References ========== * http://bugs.pardus.org.tr/show_bug.cgi?id=13197 ------------------------------------------------------------------------ _______________________________________________ Pardus-security mailing list Pardus-security@pardus.org.tr http://liste.pardus.org.tr/mailman/listinfo/pardus-security (Log in to post comments)
|
|||||||||||||||||||