CVE-2009-3296

Published: 20 October 2009

Multiple integer overflows in tiffread.c in CamlImages 2.2 might allow remote attackers to execute arbitrary code via TIFF images containing large width and height values that trigger heap-based buffer overflows.

Priority

Status

Package	Release	Status
advi Launchpad, Ubuntu, Debian	Upstream	Released (1.6.0-15)







camlimages Launchpad, Ubuntu, Debian	Upstream	Released (1:3.0.1-5)







	Patches: Vendor: http://www.debian.org/security/2009/dsa-1912

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3296
NVD
Launchpad
Debian

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

CVE-2009-3296

Medium

Status

References

Join the discussion

Canonical is offering Extended Security Maintenance

Further reading