Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2005:142: libtiff Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the libtiff package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2005:142 (libtiff).
Wouter Hanegraaff discovered that the TIFF library did not sufficiently
validate the 'YCbCr subsampling' value in TIFF image headers. Decoding a
malicious image with a zero value resulted in an arithmetic exception, which
can cause a program that uses the TIFF library to crash.
The updated packages are patched to protect against this vulnerability.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:142
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.