Vulnerability CVE-2013-4244: Information
Description
The LZW decompressor in the gif2tiff tool in libtiff 4.0.3 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted GIF image.
Severity: MEDIUM (6.8)
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
libtiff | sisyphus | 4.0.10.0.57.f9fc01c3-alt1 | 4.4.0-alt4 | ALT-PU-2019-1628-1 | 226958 | Fixed |
libtiff | p10 | 4.0.10.0.57.f9fc01c3-alt1 | 4.4.0-alt2 | ALT-PU-2019-1628-1 | 226958 | Fixed |
libtiff | p9 | 4.0.10.0.57.f9fc01c3-alt1 | 4.0.10.0.57.f9fc01c3-alt1 | ALT-PU-2019-1628-1 | 226958 | Fixed |
libtiff | c10f1 | 4.0.10.0.57.f9fc01c3-alt1 | 4.4.0-alt2 | ALT-PU-2019-1628-1 | 226958 | Fixed |
libtiff | c9f2 | 4.0.10.0.57.f9fc01c3-alt1 | 4.3.0-alt1 | ALT-PU-2019-1628-1 | 226958 | Fixed |
libtiff | p11 | 4.0.10.0.57.f9fc01c3-alt1 | 4.4.0-alt4 | ALT-PU-2019-1628-1 | 226958 | Fixed |