[v3.0] tiff: remote DoS and possibly arbitrary code execution (CVE-2013-4243)
Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted height and width values in a GIF image.
(from redmine: issue id 3085, created on 2014-06-24, closed on 2014-06-25)
- parent #3081 (closed)
- Revision c04fae12 by Natanael Copa on 2014-06-24T14:34:57Z:
main/tiff: security fixes for CVE-2013-4243 and CVE-2013-4244 fixes #3085