oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE Request: libtiff: Out-of-bounds Write memcpy and less bound check in tiff2pdf

From: ChenQin <chenqin () topsec com cn>
Date: Fri, 18 Nov 2016 16:33:15 +0800
http://bugzilla.maptools.org/show_bug.cgi?id=2579 <http://bugzilla.maptools.org/show_bug.cgi?id=2579>
fixed:
  * tools/tiff2pdf.c: fix read -largely- outsize of buffer in
        t2p_readwrite_pdf_image_tile(), causing crash, when reading a
        JPEG compressed image with TIFFTAG_JPEGTABLES length being one.
        Reported as MSVR 35101 by Axel Souchet and Vishal Chauhan from
        the MSRC Vulnerabilities & Mitigations team.
Previous By Date Next
Previous By Thread Next

Current thread: