LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Kernel prepatch 3.9-rc6

LWN.net Weekly Edition for April 4, 2013

LWN.net Weekly Edition for March 28, 2013

A kernel change breaks GlusterFS

PyCon: Evangelizing Python

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

libtiff: code execution

Package(s):tiff CVE #(s):CVE-2012-4564
Created:November 15, 2012 Updated:December 31, 2012
Description:

From the Ubuntu advisory:

Huzaifa S. Sidhpurwala discovered that the ppm2tiff tool incorrectly handled certain malformed PPM images. If a user or automated system were tricked into opening a specially crafted PPM image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. (CVE-2012-4564)

Alerts:
Ubuntu USN-1631-1 2012-11-15
Mageia MGASA-2012-0332 2012-11-17
Debian DSA-2575-1 2012-11-18
Mandriva MDVSA-2012:174 2012-11-22
Red Hat RHSA-2012:1590-01 2012-12-18
CentOS CESA-2012:1590 2012-12-19
CentOS CESA-2012:1590 2012-12-19
Oracle ELSA-2012-1590 2012-12-18
Oracle ELSA-2012-1590 2012-12-19
Scientific Linux SL-libt-20121219 2012-12-19
Fedora FEDORA-2012-20446 2012-12-31
Fedora FEDORA-2012-20404 2012-12-31
openSUSE openSUSE-SU-2013:0187-1 2013-01-23
Mandriva MDVSA-2013:046 2013-04-05
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds