CVE-2010-1411
CVE-2010-1411
Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3, as used in ImageIO in Apple Mac OS X 10.5.8 and Mac OS X 10.6 before 10.6.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file that triggers a heap-based buffer overflow.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2010//Jun/msg00002.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-July/043769.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-July/043835.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.htmlhttp://marc.info/?l=oss-security&m=127731610612908&w=2https://bugzilla.redhat.com/show_bug.cgi?id=592361http://secunia.com/advisories/40181http://secunia.com/advisories/40196http://secunia.com/advisories/40220http://secunia.com/advisories/40381http://secunia.com/advisories/40478