Product: Solaris 8 Operating System Solaris 9 Operating System Solaris 10 Operating System OpenSolaris

Multiple integer overflow vulnerabilities in the libtiff(3) image conversion tools 'tiff2rgba' and 'rgb2ycbcr' may allow a local or remote unprivileged user to execute arbitrary code via a TIFF image with large width and height values.

This issue is also described in the following document:

CVE-2009-2347 at

State: Workaround
First released: 14-Aug-2009
Sun Alert Link: