| Descripción: | Description:
The remote host is missing an update to libtiff
announced via advisory MDVSA-2010:145.
Multiple vulnerabilities has been discovered and corrected in libtiff:
The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in
ImageMagick, does not properly handle invalid ReferenceBlackWhite
values, which allows remote attackers to cause a denial of service
(application crash) via a crafted TIFF image that triggers an array
index error, related to downsampled OJPEG input. (CVE-2010-2595)
Multiple integer overflows in the Fax3SetupState function in tif_fax3.c
in the FAX3 decoder in LibTIFF before 3.9.3 allow remote attackers to
execute arbitrary code or cause a denial of service (application crash)
via a crafted TIFF file that triggers a heap-based buffer overflow
(CVE-2010-1411).
Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3
allows remote attackers to cause a denial of service (application
crash) or possibly execute arbitrary code via a crafted TIFF file
that triggers a buffer overflow (CVE-2010-2065).
The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers
to cause a denial of service (out-of-bounds read and application crash)
via a TIFF file with an invalid combination of SamplesPerPixel and
Photometric values (CVE-2010-2483).
The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2
makes incorrect calls to the TIFFGetField function, which allows
remote attackers to cause a denial of service (application crash) via
a crafted TIFF image, related to downsampled OJPEG input and possibly
related to a compiler optimization that triggers a divide-by-zero error
(CVE-2010-2597).
The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly
handle unknown tag types in TIFF directory entries, which allows
remote attackers to cause a denial of service (out-of-bounds read
and application crash) via a crafted TIFF file (CVE-2010-248).
Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been patched to correct these issues.
Affected: 2008.0, 2009.0, 2009.1, Corporate 4.0, Enterprise Server 5.0
Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2010:145
Risk factor : High
CVSS Score:
6.8
|
