Submitted by Vincent (CVE) Danen on Thu, 09/17/2015 - 17:58
LibTIFF 3.9.4 and earlier does not properly handle an invalid td_stripbytecount field, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted TIFF file, a different vulnerability than CVE-2010-2443.
Not vulnerable. This issue did not affect the versions of libtiff as shipped with Red Hat Enterprise Linux 3, 4, or 5.
CVE-2010-2443 CVE-2010-2482 libtiff: OJPEGReadBufferFill NULL deref crash