CVE-2009-2285

Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327.

Date published : 2009-07-01

http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html

http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html