CVE-2013-4232

Priority
Low
Description
Use-after-free vulnerability in the t2p_readwrite_pdf_image function in
tools/tiff2pdf.c in libtiff 4.0.3 allows remote attackers to cause a denial
of service (crash) or possible execute arbitrary code via a crafted TIFF
image.
References
Bugs
Notes
 jdstrand> tiff3 does not build the tiff tools
Assigned-to
mdeslaur
Package
Source: tiff (LP Ubuntu Debian)
Upstream:released (4.0.3-2)
Ubuntu 12.04 LTS (Precise Pangolin):released (3.9.5-2ubuntu1.6)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (4.0.3-5ubuntu1)
Patches:
Upstream:cvs diff -u -r 1.71 -r 1.72 tools/tiff2pdf.c
Package
Source: tiff3 (LP Ubuntu Debian)
Upstream:not-affected
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
More Information

Valid XHTML 1.0 Strict

Updated: 2015-07-29 20:41:50 UTC (commit 9756)