CVE-2009-2285
Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327.
Date published : 2009-07-01
http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html