Product: Solaris 8 Operating System Solaris 9 Operating System Solaris 10 Operating System OpenSolaris

Multiple integer overflow vulnerabilities in the libtiff(3) image conversion tools 'tiff2rgba' and 'rgb2ycbcr' may allow a local or remote unprivileged user to execute arbitrary code via a TIFF image with large width and height values.

This issue is also described in the following document:

CVE-2009-2347 at http://cve.mitre.org/cgi-bin/cvename...=CVE-2009-2347




State: Workaround
First released: 14-Aug-2009
Sun Alert Link: http://sunsolve.sun.com/search/docum...=1-66-265808-1


More...