Submitted by Vincent (CVE) Danen on Thu, 09/17/2015 - 18:04
Stack-based buffer overflow in the t2p_write_pdf_page function in tiff2pdf in libtiff before 4.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted image length and resolution in a TIFF image file.
CVE-2013-1961 libtiff (tiff2pdf): Stack-based buffer overflow with malformed image-length and resolution
Red Hat would like to thank Emmanuel Bouillon (NCI Agency) for reporting this issue.
Red Hat Security Errata
| Platform | Errata | Release Date |
|---|---|---|
| Red Hat Enterprise Linux 5 (libtiff) | RHSA-2014:0223 | 2014-02-27 |
| Red Hat Enterprise Linux 6 (libtiff) | RHSA-2014:0222 | 2014-02-27 |