Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Ubuntu Local Security Checks --> Category: infos

USN277-1 : tiff vulnerabilities Vulnerability Scan

Vulnerability Scan Summary
tiff vulnerabilities

Detailed Explanation for this Vulnerability Test

Synopsis :

These remote packages are missing security patches :
- libtiff-opengl
- libtiff-tools
- libtiff4
- libtiff4-dev
- libtiffxx0c2

Description :

Tavis Ormandy and Andrey Kiselev discovered that libtiff did not
sufficiently verify the validity of TIFF files. By tricking an user
into opening a specially crafted TIFF file with any application that
uses libtiff, a possible hacker could exploit this to crash the application
or even execute arbitrary code with the application's rights.

Solution :

Upgrade to :
- libtiff-opengl-3.7.3-1ubuntu1.1 (Ubuntu 5.10)
- libtiff-tools-3.7.3-1ubuntu1.1 (Ubuntu 5.10)
- libtiff4-3.7.3-1ubuntu1.1 (Ubuntu 5.10)
- libtiff4-dev-3.7.3-1ubuntu1.1 (Ubuntu 5.10)
- libtiffxx0c2-3.7.3-1ubuntu1.1 (Ubuntu 5.10)

Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.