CVE-2008-2327
CVE-2008-2327
Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.
Productos afectados
n/a · n/a¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://bugs.gentoo.org/show_bug.cgi?id=234080http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2008/Nov/msg00002.htmlhttp://lists.apple.com/archives/security-announce//2008/Sep/msg00005.htmlhttp://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=458674http://secunia.com/advisories/31610http://secunia.com/advisories/31623http://secunia.com/advisories/31668http://secunia.com/advisories/31670http://secunia.com/advisories/31698http://secunia.com/advisories/31838