MGASA-2013-0291

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2013-0291.html

Import Source

https://advisories.mageia.org/MGASA-2013-0291.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2013-0291

Related

CVE-2013-4243

Published

2013-09-24T21:43:52Z

Modified

2013-09-24T21:43:48Z

Summary

Updated libtiff package fixes security vulnerability

Details

A possible heap-based buffer overflow flaw was found in the readgifimage function in gif2tiff, a tool to convert GIF images to TIFF. A remote attacker could provide a specially-crafted GIF file that, when processed by gif2tiff, would cause gif2tiff to crash or, potentially, execute arbitrary code with the privileges of the user running gif2tiff (CVE-2013-4243).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:2 / libtiff

Package

Name: libtiff
Purl: pkg:rpm/mageia/libtiff?distro=mageia-2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.0.1-2.9.mga2

Ecosystem specific

{
    "section": "core"
}

Mageia:3 / libtiff

Package

Name: libtiff
Purl: pkg:rpm/mageia/libtiff?distro=mageia-3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.0.3-4.3.mga3

Ecosystem specific

{
    "section": "core"
}