| Revision Date: | 2014-02-24 | Version: | 11 |
| Title: | RHSA-2011:0392: libtiff security and bug fix update (Important) |
| Description: | Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value. |
| Family: | unix | Class: | patch |
| Status: | ACCEPTED | Reference(s): | CESA-2011:0392
CVE-2011-1167
RHSA-2011:0392-01
|
| Platform(s): | CentOS Linux 5
CentOS Linux 6
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
| Product(s): | libtiff
|
| Definition Synopsis |
| Operation system section Redhat 5 or Centos 5 release
The operating system installed on the system is Red Hat Enterprise Linux 5
OR The operating system installed on the system is CentOS Linux 5.x
AND Packages section
libtiff is earlier than 0:3.8.2-7.el5_6.7
OR libtiff-devel is earlier than 0:3.8.2-7.el5_6.7
Operation system section
The operating system installed on the system is Red Hat Enterprise Linux 6
AND Packages section
libtiff is earlier than 0:3.9.4-1.el6_0.2
OR libtiff-static is earlier than 0:3.9.4-1.el6_0.2
OR libtiff-devel is earlier than 0:3.9.4-1.el6_0.2
|