CVE-2012-3401
Published: 19 July 2012
The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow.
Notes
| Author | Note |
|---|---|
| mdeslaur | not included in 4.0.2 tiff2pdf is not packaged in tiff3 in quantal |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
tiff Launchpad, Ubuntu, Debian |
hardy |
Released
(3.8.2-7ubuntu3.13)
|
| lucid |
Released
(3.9.2-2ubuntu0.10)
|
|
| natty |
Released
(3.9.4-5ubuntu6.3)
|
|
| oneiric |
Released
(3.9.5-1ubuntu1.3)
|
|
| precise |
Released
(3.9.5-2ubuntu1.2)
|
|
| upstream |
Released
(3.9.6-7)
|
|
|
tiff3 Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Does not exist
|
|
| natty |
Does not exist
|
|
| oneiric |
Does not exist
|
|
| precise |
Does not exist
|
|
| upstream |
Released
(4.0.2-2)
|