Oval Definition:	oval:org.mitre.oval:def:5514
Revision Date: 2010-05-17 Version: 3 Title: LibTIFF Buffer Underflow in Decoding LZW Data Lets Remote Users Execute Arbitrary Code Description: Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2008-2327 Platform(s): VMWare ESX Server 3 VMWare ESX Server 3.5 Product(s): Definition Synopsis AND VMWare ESX Server 3.0.3 is installed AND Patch ESX303-200810503-SG is not installed OR VMWare ESX Server 3.0.2 is installed AND Patch ESX-1006968 is not installed OR VMware ESX Server 3.5.0 is installed AND Patch ESX350-200811405-SG is not installed
BACK