Credit:
The information has been provided by Tielei Wang.
The original article can be found at: http://www.ocert.org/advisories/ocert-2009-012.html
Vulnerable Systems:
* libtiff version 4.0
The libtiff package ships a library for reading and writing TIFF, as well as a small collection of tools for manipulating TIFF images. The cvt_whole_image function used in the tiff2rgba tool and the tiffcvt function used in the rgb2ycbcr tool do not properly validate the width and height of the image before using them to size the output raster. Specially crafted TIFF images with large width and height values make the size computation (width times height times the per-pixel size) overflow, so a buffer smaller than the pixel data is allocated and the subsequent conversion writes past its end, a heap-based buffer overflow.
A patch has been made available by the maintainer and further improved by Tom Lane of Red Hat.
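The sizing bug described above, as an added example written for this page rather than libtiff's own code or the oCERT/Red Hat patch: naive_raster_bytes mirrors the pattern the advisory describes (the raster size computed in 32-bit arithmetic with no range check), and safe_raster_bytes is one hardened form that validates width and height before each multiplication. The function names, the 4-byte-per-pixel constant (libtiff's RGBA raster uses one uint32 per pixel) and the sample dimensions are assumptions for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* One 32-bit RGBA value per raster pixel (assumed for this example). */
#define PIXEL_BYTES 4u

/* Unsafe sizing in the style the advisory describes (assumed shape, not
 * libtiff's exact code): width * height * 4 evaluated in 32-bit unsigned
 * arithmetic. Attacker-chosen dimensions wrap the product to a tiny value,
 * so the buffer that gets allocated is far smaller than the pixel data the
 * conversion loop later writes into it. */
uint32_t naive_raster_bytes(uint32_t width, uint32_t height)
{
    return width * height * PIXEL_BYTES;   /* wraps silently on overflow */
}

/* Hardened sizing: reject zero dimensions and any product that would not
 * fit in size_t, checking before each multiply rather than after it.
 * Returns 0 on success with the byte count in *out, -1 on rejection. */
int safe_raster_bytes(uint32_t width, uint32_t height, size_t *out)
{
    if (width == 0 || height == 0)
        return -1;
    if ((size_t)width > SIZE_MAX / (size_t)height)
        return -1;                          /* width * height overflows */
    size_t pixels = (size_t)width * (size_t)height;
    if (pixels > SIZE_MAX / PIXEL_BYTES)
        return -1;                          /* pixels * 4 overflows */
    *out = pixels * PIXEL_BYTES;
    return 0;
}

/* Convenience wrapper: validated byte count, or 0 when rejected. */
size_t checked_raster_bytes(uint32_t width, uint32_t height)
{
    size_t bytes;
    return safe_raster_bytes(width, height, &bytes) == 0 ? bytes : 0;
}

/* Allocate a raster only after validation, so a caller can never obtain an
 * undersized buffer; NULL means the dimensions were rejected or malloc
 * failed, and either way the conversion must not proceed. */
uint32_t *alloc_raster(uint32_t width, uint32_t height)
{
    size_t bytes;
    if (safe_raster_bytes(width, height, &bytes) != 0)
        return NULL;
    return (uint32_t *)malloc(bytes);
}

int main(void)
{
    /* Constructed dimensions: a plausible image and a hostile one. */
    uint32_t w_ok = 640, h_ok = 480;
    uint32_t w_bad = 0xFFFFFFFFu, h_bad = 0xFFFFFFFFu;

    printf("640x480   naive=%u checked=%zu\n",
           naive_raster_bytes(w_ok, h_ok), checked_raster_bytes(w_ok, h_ok));
    /* (2^32-1)^2 is congruent to 1 mod 2^32, so the naive size is 4 bytes
     * for an image that would need roughly 2^66 bytes of pixel data. */
    printf("max x max naive=%u checked=%zu\n",
           naive_raster_bytes(w_bad, h_bad), checked_raster_bytes(w_bad, h_bad));
    return 0;
}
```

The check is done per multiplication against SIZE_MAX rather than on the final product, because once the product has wrapped there is nothing left to compare; the same pattern applies whether the target is 32-bit or 64-bit, where the first multiply fits but the per-pixel scaling does not.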
Patch Availability:
A patch has been made available and is expected to be committed to libtiff CVS.
CVE Information:
CVE-2009-2347
Disclosure Timeline:
2009-05-22: vulnerability report received
2009-05-22: contacted libtiff maintainer
2009-06-30: report resent to maintainer due to lack of response
2009-07-01: maintainer provides patch
2009-07-04: reporter confirms fixes
2009-07-04: oCERT requests one week embargo for vendor notification
2009-07-04: maintainer confirms embargo
2009-07-07: contacted affected vendors
2009-07-07: assigned CVE
2009-07-07: improved patch contributed by Tom Lane of Red Hat
2009-07-04: reporter acknowledges patch
2009-07-13: advisory release