LibTIFF TIFFDUMP Heap Corruption Integer Overflow Vulnerability
BID:12173
Info
LibTIFF TIFFDUMP Heap Corruption Integer Overflow Vulnerability
| Bugtraq ID: | 12173 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2004-1183 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 05 2005 12:00AM |
| Updated: | Jul 12 2009 09:27AM |
| Credit: | Dmitry V. Levin is credited with the discovery of this issue. |
| Vulnerable: |
Ubuntu Ubuntu Linux 4.1 ppc Ubuntu Ubuntu Linux 4.1 ia64 Ubuntu Ubuntu Linux 4.1 ia32 SGI ProPack 3.0 SCO Unixware 7.1.4 Redhat Fedora Core3 Redhat Fedora Core2 Mandriva Linux Mandrake 10.1 x86_64 Mandriva Linux Mandrake 10.1 Mandriva Linux Mandrake 10.0 AMD64 Mandriva Linux Mandrake 10.0 MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 LibTIFF LibTIFF 3.7.1 LibTIFF LibTIFF 3.7 LibTIFF LibTIFF 3.6.1 LibTIFF LibTIFF 3.6 .0 LibTIFF LibTIFF 3.5.7 LibTIFF LibTIFF 3.5.5 LibTIFF LibTIFF 3.5.4 LibTIFF LibTIFF 3.5.3 LibTIFF LibTIFF 3.5.2 LibTIFF LibTIFF 3.5.1 LibTIFF LibTIFF 3.4 Gentoo Linux Debian Linux 3.0 sparc Debian Linux 3.0 s/390 Debian Linux 3.0 ppc Debian Linux 3.0 mipsel Debian Linux 3.0 mips Debian Linux 3.0 m68k Debian Linux 3.0 ia-64 Debian Linux 3.0 ia-32 Debian Linux 3.0 hppa Debian Linux 3.0 arm Debian Linux 3.0 alpha Debian Linux 3.0 Avaya Modular Messaging (MSS) 2.0 Avaya Modular Messaging (MSS) 1.1 Avaya MN100 Avaya Intuity LX Avaya Integrated Management Avaya CVLAN |
| Not Vulnerable: | |
Discussion
LibTIFF TIFFDUMP Heap Corruption Integer Overflow Vulnerability
It has been reported that 'tiffdump' is affected by a heap corruption vulnerability due to an integer overflow error that can be triggered when malicious or malformed image files are processed. Theoretically, an attacker can exploit this vulnerability to execute arbitrary code in the context of the affected application when TIFF image data is processed. Because image data is frequently external in origin, these vulnerabilities are considered remotely exploitable.
It has been reported that 'tiffdump' is affected by a heap corruption vulnerability due to an integer overflow error that can be triggered when malicious or malformed image files are processed. Theoretically, an attacker can exploit this vulnerability to execute arbitrary code in the context of the affected application when TIFF image data is processed. Because image data is frequently external in origin, these vulnerabilities are considered remotely exploitable.
Exploit / POC
LibTIFF TIFFDUMP Heap Corruption Integer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
LibTIFF TIFFDUMP Heap Corruption Integer Overflow Vulnerability
Solution:
SCO has released an advisory (SCOSA-2005.19) and fixes to address this issue for UnixWare platforms. Please see the referenced advisory for further information.
RedHat has released two advisories called FEDORA-2005-597 and FEDORA-2005-598 to address this issue in Fedora Core 2 and 3. Please see the referenced advisories for further information.
Gentoo Linux has released advisory GLSA 200501-06 to address this issue. Users of affected packages are urged to execute the following commands with superuser privileges:
emerge --sync
emerge --ask --oneshot --verbose ">=media-libs/tiff-3.7.1-r1"
Please see the referenced advisory for further information.
Debian GNU/Linux has released advisory DSA 626-1 to address this issue. Please see the referenced advisory for further information.
Ubuntu Linux has released advisory USN-54-1 to address this issue. Please see the referenced advisory for further information.
Mandrake has released advisory MDKSA-2005:001 to address various issues in libtiff. Please see the referenced advisory for more information.
Mandrake has released an advisory MDKSA-2005:002 to address various issues in wxGTK2. Please see the referenced advisory for more information.
SUSE has released advisory SUSE-SA:2005:001 to address various issues in libtiff. Please see the referenced advisory for more information.
Red Hat has released an advisory (RHSA-2005:019-11) to address issues in libtiff. Please see the advisory in Web references for more information.
TurboLinux has released a security announcement and fixes to address this and other vulnerabilities. Please see the referenced announcement for further information regarding obtaining and applying appropriate updates.
Conectiva had released advisory CLA-2005:920 to address various issues in libtiff3. Please see the referenced advisory for more information.
SGI has released advisory 20050101-01-U (SGI Advanced Linux Environment 3 Security Update #23) to address various issues in SGI Advanced Linux Environment 3. This advisory includes updated SGI ProPack 3 Service Pack 3 packages and patch 10137. Please see the referenced advisory for more information.
Avaya has released advisory ASA-2005-021 to document the affected versions of Avaya products. Please see the referenced advisory for further information.
Mandrake has released advisory MDKSA-2005:052 to address various issues affecting kdegraphics. Please see the referenced advisory for more information.
SGI ProPack 3.0
LibTIFF LibTIFF 3.5.5
LibTIFF LibTIFF 3.5.7
LibTIFF LibTIFF 3.6.1
SCO Unixware 7.1.4
Solution:
SCO has released an advisory (SCOSA-2005.19) and fixes to address this issue for UnixWare platforms. Please see the referenced advisory for further information.
RedHat has released two advisories called FEDORA-2005-597 and FEDORA-2005-598 to address this issue in Fedora Core 2 and 3. Please see the referenced advisories for further information.
Gentoo Linux has released advisory GLSA 200501-06 to address this issue. Users of affected packages are urged to execute the following commands with superuser privileges:
emerge --sync
emerge --ask --oneshot --verbose ">=media-libs/tiff-3.7.1-r1"
Please see the referenced advisory for further information.
Debian GNU/Linux has released advisory DSA 626-1 to address this issue. Please see the referenced advisory for further information.
Ubuntu Linux has released advisory USN-54-1 to address this issue. Please see the referenced advisory for further information.
Mandrake has released advisory MDKSA-2005:001 to address various issues in libtiff. Please see the referenced advisory for more information.
Mandrake has released an advisory MDKSA-2005:002 to address various issues in wxGTK2. Please see the referenced advisory for more information.
SUSE has released advisory SUSE-SA:2005:001 to address various issues in libtiff. Please see the referenced advisory for more information.
Red Hat has released an advisory (RHSA-2005:019-11) to address issues in libtiff. Please see the advisory in Web references for more information.
TurboLinux has released a security announcement and fixes to address this and other vulnerabilities. Please see the referenced announcement for further information regarding obtaining and applying appropriate updates.
Conectiva had released advisory CLA-2005:920 to address various issues in libtiff3. Please see the referenced advisory for more information.
SGI has released advisory 20050101-01-U (SGI Advanced Linux Environment 3 Security Update #23) to address various issues in SGI Advanced Linux Environment 3. This advisory includes updated SGI ProPack 3 Service Pack 3 packages and patch 10137. Please see the referenced advisory for more information.
Avaya has released advisory ASA-2005-021 to document the affected versions of Avaya products. Please see the referenced advisory for further information.
Mandrake has released advisory MDKSA-2005:052 to address various issues affecting kdegraphics. Please see the referenced advisory for more information.
SGI ProPack 3.0
-
SGI patch10137.tar.gz
ftp://patches.sgi.com/support/free/security/patches/ProPack/3/patch101 37.tar.gz
LibTIFF LibTIFF 3.5.5
-
Debian libtiff-tools_3.5.5-6.woody5_alpha.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5. 5-6.woody5_alpha.deb -
Debian libtiff-tools_3.5.5-6.woody5_arm.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5. 5-6.woody5_arm.deb -
Debian libtiff-tools_3.5.5-6.woody5_hppa.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5. 5-6.woody5_hppa.deb -
Debian libtiff-tools_3.5.5-6.woody5_i386.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5. 5-6.woody5_i386.deb -
Debian libtiff-tools_3.5.5-6.woody5_ia64.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5. 5-6.woody5_ia64.deb -
Debian libtiff-tools_3.5.5-6.woody5_m68k.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5. 5-6.woody5_m68k.deb -
Debian libtiff-tools_3.5.5-6.woody5_mips.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5. 5-6.woody5_mips.deb -
Debian libtiff-tools_3.5.5-6.woody5_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5. 5-6.woody5_mipsel.deb -
Debian libtiff-tools_3.5.5-6.woody5_powerpc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5. 5-6.woody5_powerpc.deb -
Debian libtiff-tools_3.5.5-6.woody5_s390.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5. 5-6.woody5_s390.deb -
Debian libtiff-tools_3.5.5-6.woody5_sparc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5. 5-6.woody5_sparc.deb -
Debian libtiff3g-dev_3.5.5-6.woody5_alpha.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5. 5-6.woody5_alpha.deb -
Debian libtiff3g-dev_3.5.5-6.woody5_arm.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5. 5-6.woody5_arm.deb -
Debian libtiff3g-dev_3.5.5-6.woody5_hppa.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5. 5-6.woody5_hppa.deb -
Debian libtiff3g-dev_3.5.5-6.woody5_i386.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5. 5-6.woody5_i386.deb -
Debian libtiff3g-dev_3.5.5-6.woody5_ia64.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5. 5-6.woody5_ia64.deb -
Debian libtiff3g-dev_3.5.5-6.woody5_m68k.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5. 5-6.woody5_m68k.deb -
Debian libtiff3g-dev_3.5.5-6.woody5_mips.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5. 5-6.woody5_mips.deb -
Debian libtiff3g-dev_3.5.5-6.woody5_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5. 5-6.woody5_mipsel.deb -
Debian libtiff3g-dev_3.5.5-6.woody5_powerpc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5. 5-6.woody5_powerpc.deb -
Debian libtiff3g-dev_3.5.5-6.woody5_s390.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5. 5-6.woody5_s390.deb -
Debian libtiff3g-dev_3.5.5-6.woody5_sparc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5. 5-6.woody5_sparc.deb -
Debian libtiff3g_3.5.5-6.woody5_alpha.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6. woody5_alpha.deb -
Debian libtiff3g_3.5.5-6.woody5_arm.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6. woody5_arm.deb -
Debian libtiff3g_3.5.5-6.woody5_hppa.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6. woody5_hppa.deb -
Debian libtiff3g_3.5.5-6.woody5_i386.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6. woody5_i386.deb -
Debian libtiff3g_3.5.5-6.woody5_ia64.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6. woody5_ia64.deb -
Debian libtiff3g_3.5.5-6.woody5_m68k.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6. woody5_m68k.deb -
Debian libtiff3g_3.5.5-6.woody5_mips.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6. woody5_mips.deb -
Debian libtiff3g_3.5.5-6.woody5_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6. woody5_mipsel.deb -
Debian libtiff3g_3.5.5-6.woody5_powerpc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6. woody5_powerpc.deb -
Debian libtiff3g_3.5.5-6.woody5_s390.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6. woody5_s390.deb -
Debian libtiff3g_3.5.5-6.woody5_sparc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6. woody5_sparc.deb -
Mandrake libtiff3-3.5.5-9.5.M82mdk.i586.rpm
Mandrake Multi Network Firewall 8.2
http://www.mandrakesecure.net/en/ftp.php -
TurboLinux libtiff-3.5.5-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/upd ates/RPMS/libtiff-3.5.5-7.i586.rpm -
TurboLinux libtiff-3.5.5-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 7/updates/RPMS/libtiff-3.5.5-7.i586.rpm -
TurboLinux libtiff-3.5.5-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 8/updates/RPMS/libtiff-3.5.5-7.i586.rpm -
TurboLinux libtiff-devel-3.5.5-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/upd ates/RPMS/libtiff-devel-3.5.5-7.i586.rpm -
TurboLinux libtiff-devel-3.5.5-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 7/updates/RPMS/libtiff-devel-3.5.5-7.i586.rpm -
TurboLinux libtiff-devel-3.5.5-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 8/updates/RPMS/libtiff-devel-3.5.5-7.i586.rpm
LibTIFF LibTIFF 3.5.7
-
Conectiva libtiff-devel-3.5.7-53035U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/libtiff-devel-3.5.7-53035U 10_2cl.i386.rpm -
Conectiva libtiff-devel-3.5.7-8495U90_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/libtiff-devel-3.5.7-8495U90 _3cl.i386.rpm -
Conectiva libtiff-devel-static-3.5.7-53035U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/libtiff-devel-static-3.5.7 -53035U10_2cl.i386.rpm -
Conectiva libtiff-devel-static-3.5.7-8495U90_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/libtiff-devel-static-3.5.7- 8495U90_3cl.i386.rpm -
Conectiva libtiff-progs-3.5.7-53035U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/libtiff-progs-3.5.7-53035U 10_2cl.i386.rpm -
Conectiva libtiff-progs-3.5.7-8495U90_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/libtiff-progs-3.5.7-8495U90 _3cl.i386.rpm -
Conectiva libtiff3-3.5.7-53035U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/libtiff3-3.5.7-53035U10_2c l.i386.rpm -
Conectiva libtiff3-3.5.7-8495U90_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/libtiff3-3.5.7-8495U90_3cl. i386.rpm -
Conectiva libwxgtk2-2.4-2.4.2-56474U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/libwxgtk2-2.4-2.4.2-56474U 10_2cl.i386.rpm -
Conectiva libwxgtk2-2.4-i18n-cs-2.4.2-56474U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/libwxgtk2-2.4-i18n-cs-2.4. 2-56474U10_2cl.i386.rpm -
Conectiva libwxgtk2-2.4-i18n-da-2.4.2-56474U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/libwxgtk2-2.4-i18n-da-2.4. 2-56474U10_2cl.i386.rpm -
Conectiva libwxgtk2-2.4-i18n-de-2.4.2-56474U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/libwxgtk2-2.4-i18n-de-2.4. 2-56474U10_2cl.i386.rpm -
Conectiva libwxgtk2-2.4-i18n-es-2.4.2-56474U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/libwxgtk2-2.4-i18n-es-2.4. 2-56474U10_2cl.i386.rpm -
Conectiva libwxgtk2-2.4-i18n-fi-2.4.2-56474U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/libwxgtk2-2.4-i18n-fi-2.4. 2-56474U10_2cl.i386.rpm -
Conectiva libwxgtk2-2.4-i18n-fr-2.4.2-56474U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/libwxgtk2-2.4-i18n-fr-2.4. 2-56474U10_2cl.i386.rpm -
Conectiva libwxgtk2-2.4-i18n-hu-2.4.2-56474U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/libwxgtk2-2.4-i18n-hu-2.4. 2-56474U10_2cl.i386.rpm -
Conectiva libwxgtk2-2.4-i18n-id-2.4.2-56474U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/libwxgtk2-2.4-i18n-id-2.4. 2-56474U10_2cl.i386.rpm -
Conectiva libwxgtk2-2.4-i18n-it-2.4.2-56474U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/libwxgtk2-2.4-i18n-it-2.4. 2-56474U10_2cl.i386.rpm -
Conectiva libwxgtk2-2.4-i18n-nl-2.4.2-56474U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/libwxgtk2-2.4-i18n-nl-2.4. 2-56474U10_2cl.i386.rpm -
Conectiva libwxgtk2-2.4-i18n-pl-2.4.2-56474U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/libwxgtk2-2.4-i18n-pl-2.4. 2-56474U10_2cl.i386.rpm -
Conectiva libwxgtk2-2.4-i18n-ru-2.4.2-56474U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/libwxgtk2-2.4-i18n-ru-2.4. 2-56474U10_2cl.i386.rpm -
Conectiva libwxgtk2-2.4-i18n-sl-2.4.2-56474U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/libwxgtk2-2.4-i18n-sl-2.4. 2-56474U10_2cl.i386.rpm -
Conectiva libwxgtk2-2.4-i18n-sv-2.4.2-56474U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/libwxgtk2-2.4-i18n-sv-2.4. 2-56474U10_2cl.i386.rpm -
Conectiva libwxgtk2-2.4-i18n-tr-2.4.2-56474U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/libwxgtk2-2.4-i18n-tr-2.4. 2-56474U10_2cl.i386.rpm -
Conectiva libwxgtk2-2.4-i18n-zh-2.4.2-56474U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/libwxgtk2-2.4-i18n-zh-2.4. 2-56474U10_2cl.i386.rpm -
Conectiva libwxgtk2-devel-2.4.2-56474U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/libwxgtk2-devel-2.4.2-5647 4U10_2cl.i386.rpm -
Conectiva libwxgtk2-doc-2.4.2-56474U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/libwxgtk2-doc-2.4.2-56474U 10_2cl.i386.rpm -
Conectiva libwxgtk2-examples-2.4.2-56474U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/libwxgtk2-examples-2.4.2-5 6474U10_2cl.i386.rpm -
Conectiva libwxgtk2-gl-2.4.2-56474U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/libwxgtk2-gl-2.4.2-56474U1 0_2cl.i386.rpm -
Conectiva wxGTK-2.4.0-27439U90_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/wxGTK-2.4.0-27439U90_2cl.i3 86.rpm -
Conectiva wxGTK-devel-2.4.0-27439U90_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/wxGTK-devel-2.4.0-27439U90_ 2cl.i386.rpm -
Conectiva wxGTK-examples-2.4.0-27439U90_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/wxGTK-examples-2.4.0-27439U 90_2cl.i386.rpm -
Conectiva wxGTK-gl-2.4.0-27439U90_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/wxGTK-gl-2.4.0-27439U90_2cl .i386.rpm -
Fedora libtiff-3.5.7-22.fc2.i386.rpm
RedHat Fedora Core 2
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ -
Fedora libtiff-3.5.7-22.fc2.x86_64.rpm
RedHat Fedora Core 2
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ -
Fedora libtiff-debuginfo-3.5.7-22.fc2.i386.rpm
RedHat Fedora Core 2
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ -
Fedora libtiff-debuginfo-3.5.7-22.fc2.x86_64.rpm
RedHat Fedora Core 2
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ -
Fedora libtiff-devel-3.5.7-22.fc2.i386.rpm
RedHat Fedora Core 2
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ -
Fedora libtiff-devel-3.5.7-22.fc2.x86_64.rpm
RedHat Fedora Core 2
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ -
Mandrake lib64tiff3-3.5.7-11.5.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake lib64tiff3-devel-3.5.7-11.5.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake lib64tiff3-devel-3.5.7-11.5.92mdk.amd64.rpm
Mandrake Linux 9.2/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake lib64tiff3-static-devel-3.5.7-11.5.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake lib64tiff3-static-devel-3.5.7-11.5.92mdk.amd64.rpm
Mandrake Linux 9.2/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libtiff-progs-3.5.7-11.5.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libtiff-progs-3.5.7-11.5.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libtiff-progs-3.5.7-11.5.92mdk.amd64.rpm
Mandrake Linux 9.2/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libtiff-progs-3.5.7-11.5.92mdk.i586.rpm
Mandrake Linux 9.2
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libtiff3-3.5.7-11.5.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libtiff3-3.5.7-11.5.92mdk.i586.rpm
Mandrake Linux 9.2
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libtiff3-3.5.7-5.3.C21mdk.i586.rpm
Mandrake Corporate Server 2.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libtiff3-3.5.7-5.3.C21mdk.x86_64.rpm
Mandrake Corporate Server 2.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libtiff3-3.5.7-5.5.C21mdk.i586.rpm
Mandrake Corporate Server 2.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libtiff3-3.5.7-5.5.C21mdk.x86_64.rpm
Mandrake Corporate Server 2.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libtiff3-devel-3.5.7-11.5.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libtiff3-devel-3.5.7-11.5.92mdk.i586.rpm
Mandrake Linux 9.2
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libtiff3-devel-3.5.7-5.5.C21mdk.x86_64.rpm
Mandrake Corporate Server 2.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libtiff3-progs-3.5.7-5.5.C21mdk.i586.rpm
Mandrake Corporate Server 2.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libtiff3-progs-3.5.7-5.5.C21mdk.x86_64.rpm
Mandrake Corporate Server 2.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libtiff3-static-devel-3.5.7-11.5.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libtiff3-static-devel-3.5.7-11.5.92mdk.i586.rpm
Mandrake Linux 9.2
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libtiff3-static-devel-3.5.7-5.5.C21mdk.i586.rpm
Mandrake Corporate Server 2.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libtiff3-static-devel-3.5.7-5.5.C21mdk.x86_64.rpm
Mandrake Corporate Server 2.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
SuSE libtiff-3.5.7-379.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/libtiff-3.5.7-379 .i586.patch.rpm -
SuSE libtiff-3.5.7-379.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/libtiff-3.5.7-379 .i586.patch.rpm -
SuSE libtiff-3.5.7-379.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/libtiff-3.5.7-379 .i586.patch.rpm -
SuSE libtiff-3.5.7-379.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/libtiff-3.5.7 -379.x86_64.patch.rpm -
SuSE tiff-3.5.7-379.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/tiff-3.5.7-379.i5 86.patch.rpm -
SuSE tiff-3.5.7-379.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/tiff-3.5.7-379.i5 86.patch.rpm -
SuSE tiff-3.5.7-379.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/tiff-3.5.7-379.i5 86.patch.rpm -
SuSE tiff-3.5.7-379.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/tiff-3.5.7-37 9.x86_64.patch.rpm -
SuSE libtiff-3.5.7-379.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/libtiff-3.5.7-379 .i586.rpm -
SuSE libtiff-3.5.7-379.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/libtiff-3.5.7-379 .i586.rpm -
SuSE libtiff-3.5.7-379.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/libtiff-3.5.7-379 .i586.rpm -
SuSE libtiff-3.5.7-379.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/libtiff-3.5.7 -379.x86_64.rpm -
SuSE tiff-3.5.7-379.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/tiff-3.5.7-379.i5 86.rpm -
SuSE tiff-3.5.7-379.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/tiff-3.5.7-379.i5 86.rpm -
SuSE tiff-3.5.7-379.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/tiff-3.5.7-379.i5 86.rpm -
SuSE tiff-3.5.7-379.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/tiff-3.5.7-37 9.x86_64.rpm -
TurboLinux libtiff-3.5.7-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/u pdates/RPMS/libtiff-3.5.7-7.i586.rpm -
TurboLinux libtiff-3.5.7-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/upd ates/RPMS/libtiff-3.5.7-7.i586.rpm -
TurboLinux libtiff-devel-3.5.7-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/u pdates/RPMS/libtiff-devel-3.5.7-7.i586.rpm -
TurboLinux libtiff-devel-3.5.7-7.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/upd ates/RPMS/libtiff-devel-3.5.7-7.i586.rpm
LibTIFF LibTIFF 3.6.1
-
Fedora libtiff-3.6.1-9.fc3.i386.rpm
RedHat Fedora Core 3
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ -
Fedora libtiff-3.6.1-9.fc3.x86_64.rpm
RedHat Fedora Core 3
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ -
Fedora libtiff-debuginfo-3.6.1-9.fc3.i386.rpm
RedHat Fedora Core 3
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ -
Fedora libtiff-debuginfo-3.6.1-9.fc3.x86_64.rpm
RedHat Fedora Core 3
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ -
Fedora libtiff-devel-3.6.1-9.fc3.i386.rpm
RedHat Fedora Core 3
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ -
Fedora libtiff-devel-3.6.1-9.fc3.x86_64.rpm
RedHat Fedora Core 3
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ -
Mandrake lib64tiff3-3.6.1-4.3.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake lib64tiff3-devel-3.6.1-4.3.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake lib64tiff3-static-devel-3.6.1-4.3.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libtiff-progs-3.6.1-4.3.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libtiff3-3.6.1-4.3.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libtiff3-devel-3.6.1-4.3.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libtiff3-static-devel-3.6.1-4.3.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php -
SuSE libtiff-3.6.1-38.14.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/libtiff-3.6.1-38. 14.i586.patch.rpm -
SuSE libtiff-3.6.1-38.14.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/libtiff-3.6.1 -38.14.x86_64.patch.rpm -
SuSE libtiff-32bit-9.2-200501041820.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/libtiff-32bit -9.2-200501041820.x86_64.patch.rpm -
SuSE libtiff-devel-3.6.1-47.4.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/libtiff-devel-3.6 .1-47.4.i586.patch.rpm -
SuSE libtiff-devel-3.6.1-47.4.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/libtiff-devel -3.6.1-47.4.x86_64.patch.rpm -
SuSE tiff-3.6.1-38.14.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/tiff-3.6.1-38.14. i586.patch.rpm -
SuSE tiff-3.6.1-38.14.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/tiff-3.6.1-38 .14.x86_64.patch.rpm -
SuSE tiff-3.6.1-47.4.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/tiff-3.6.1-47.4.i 586.patch.rpm -
SuSE tiff-3.6.1-47.4.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/tiff-3.6.1-47 .4.x86_64.patch.rpm -
SuSE libtiff-3.5.7-379.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/libtiff-3.5.7 -379.x86_64.rpm -
SuSE libtiff-3.6.1-38.14.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/libtiff-3.6.1-38. 14.i586.rpm -
SuSE libtiff-3.6.1-38.14.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/libtiff-3.6.1 -38.14.x86_64.rpm -
SuSE libtiff-3.6.1-47.4.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/libtiff-3.6.1-47. 4.i586.patch.rpm -
SuSE libtiff-3.6.1-47.4.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/libtiff-3.6.1-47. 4.i586.rpm -
SuSE libtiff-32bit-9.2-200501041820.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/libtiff-32bit -9.2-200501041820.x86_64.rpm -
SuSE libtiff-devel-3.6.1-47.4.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/libtiff-devel-3.6 .1-47.4.i586.rpm -
SuSE libtiff-devel-3.6.1-47.4.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/libtiff-devel -3.6.1-47.4.x86_64.rpm -
SuSE tiff-3.6.1-38.14.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/tiff-3.6.1-38.14. i586.rpm -
SuSE tiff-3.6.1-38.14.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/tiff-3.6.1-38 .14.x86_64.rpm -
SuSE tiff-3.6.1-47.4.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/tiff-3.6.1-47.4.i 586.rpm -
SuSE tiff-3.6.1-47.4.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/tiff-3.6.1-47 .4.x86_64.rpm -
TurboLinux libtiff-3.6.1-4.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/up dates/RPMS/libtiff-3.6.1-4.i586.rpm -
TurboLinux libtiff-debug-3.6.1-4.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/up dates/RPMS/libtiff-debug-3.6.1-4.i586.rpm -
TurboLinux libtiff-devel-3.6.1-4.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/up dates/RPMS/libtiff-devel-3.6.1-4.i586.rpm -
Ubuntu libtiff-tools_3.6.1-1.1ubuntu1.2_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-tools_3 .6.1-1.1ubuntu1.2_amd64.deb -
Ubuntu libtiff-tools_3.6.1-1.1ubuntu1.2_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-tools_3 .6.1-1.1ubuntu1.2_i386.deb -
Ubuntu libtiff-tools_3.6.1-1.1ubuntu1.2_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-tools_3 .6.1-1.1ubuntu1.2_powerpc.deb -
Ubuntu libtiff4-dev_3.6.1-1.1ubuntu1.2_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.6.1- 1.1ubuntu1.2_amd64.deb -
Ubuntu libtiff4-dev_3.6.1-1.1ubuntu1.2_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.6.1- 1.1ubuntu1.2_i386.deb -
Ubuntu libtiff4-dev_3.6.1-1.1ubuntu1.2_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.6.1- 1.1ubuntu1.2_powerpc.deb -
Ubuntu libtiff4_3.6.1-1.1ubuntu1.2_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.6.1-1.1u buntu1.2_amd64.deb -
Ubuntu libtiff4_3.6.1-1.1ubuntu1.2_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.6.1-1.1u buntu1.2_i386.deb -
Ubuntu libtiff4_3.6.1-1.1ubuntu1.2_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.6.1-1.1u buntu1.2_powerpc.deb
SCO Unixware 7.1.4
-
SCO SCOSA-2005.19
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.19
References
LibTIFF TIFFDUMP Heap Corruption Integer Overflow Vulnerability
References:
References:
- ASA-2005-021_RHSA-2005-019 (Avaya)
- LibTIFF Homepage (LibTIFF)
- RHSA-2005:019-11 - Updated libtiff packages fix security issues (RedHat)