Date: Sun, 21 Jun 2009 17:14:24 -0700 From: Kees Cook <kees@...ntu.com> To: oss-security@...ts.openwall.com Subject: libtiff buffer underflow in LZWDecodeCompat A crafted TIFF can crash libtiff in LZWDecodeCompat via underflow (different from CVE-2008-2327). Based on discussions and a quick analysis, I don't think this is exploitable, but it does lead to crashes in any application using libtiff. I've reported it upstream, with the attached patch. Has anyone else looked this over? -Kees  http://www.lan.st/showthread.php?t=1856&page=3  https://bugs.launchpad.net/bugs/380149  http://bugzilla.maptools.org/show_bug.cgi?id=2065 -- Kees Cook Ubuntu Security Team View attachment "lzw_underflow.patch" of type "text/x-diff" (681 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ