Submitted by Vincent (CVE) Danen on Thu, 09/17/2015 - 18:04
Heap-based buffer overflow in the t2p_process_jpeg_strip function in tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image file.
CVE-2013-1960 libtiff (tiff2pdf): Heap-based buffer overflow in t2_process_jpeg_strip()
Red Hat would like to thank Emmanuel Bouillon (NCI Agency) for reporting this issue.
Red Hat Security Errata
|Red Hat Enterprise Linux 5 (libtiff)||RHSA-2014:0223||2014-02-27|
|Red Hat Enterprise Linux 6 (libtiff)||RHSA-2014:0222||2014-02-27|