Advisories ยป MGASA-2013-0291

Updated libtiff package fixes security vulnerability

Publication date: 24 Sep 2013
Type: security
Affected Mageia releases : 2 , 3
CVE: CVE-2013-4243

Description

A possible heap-based buffer overflow flaw was found in the readgifimage
function in gif2tiff, a tool to convert GIF images to TIFF. A remote
attacker could provide a specially-crafted GIF file that, when processed
by gif2tiff, would cause gif2tiff to crash or, potentially, execute
arbitrary code with the privileges of the user running gif2tiff
(CVE-2013-4243).
                

References

SRPMS

3/core

2/core