CVE-2012-3401

by Fred · 13/08/2012

The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow.

Date published : 2012-08-13

http://www.securityfocus.com/bid/54601

http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf

CVE-2012-3401

Similar

Recent Posts

Categories

CVE-2012-3401

Share this:

Similar

Recent Posts

Categories

Tags