|
Family: Ubuntu Local Security Checks --> Category: infos
USN54-1 : tiff vulnerability Vulnerability Scan
Vulnerability Scan Summary tiff vulnerability
Detailed Explanation for this Vulnerability Test
Synopsis :
These remote packages are missing security patches :
- libtiff-tools
- libtiff4
- libtiff4-dev
Description :
Dmitry V. Levin discovered a buffer overflow in the "tiffdump"
utility. If a possible hacker tricked a user into processing a malicious
TIFF image with tiffdump, they could cause a buffer overflow which at
least causes the program to crash. However, it is not entirely clear
whether this can be exploited to execute arbitrary code with the
rights of the user opening the image.
Solution :
Upgrade to :
- libtiff-tools-3.6.1-1.1ubuntu1.2 (Ubuntu 4.10)
- libtiff4-3.6.1-1.1ubuntu1.2 (Ubuntu 4.10)
- libtiff4-dev-3.6.1-1.1ubuntu1.2 (Ubuntu 4.10)
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|