| Revision Date: | 2014-07-21 | Version: | 18 |
| Title: | ELSA-2014:0223: libtiff security update (Moderate) |
| Description: | The LZW decompressor in the gif2tiff tool in libtiff 4.0.3 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted GIF image. |
| Family: | unix | Class: | patch |
| Status: | ACCEPTED | Reference(s): | CVE-2013-1960
CVE-2013-1961
CVE-2013-4231
CVE-2013-4232
CVE-2013-4243
CVE-2013-4244
ELSA-2014:0223-00
|
| Platform(s): | Oracle Linux 5
| Product(s): | libtiff
|
| Definition Synopsis |
| Oracle Linux 5.x AND rpm test
libtiff is earlier than 0:3.8.2-19.el5_10
OR libtiff-devel is earlier than 0:3.8.2-19.el5_10
|