CVE-2009-3296

Published: 20 October 2009

Multiple integer overflows in tiffread.c in CamlImages 2.2 might allow remote attackers to execute arbitrary code via TIFF images containing large width and height values that trigger heap-based buffer overflows.

Priority

Status

Package	Release	Status
advi Launchpad, Ubuntu, Debian	dapper	Ignored (end of life)
	hardy	Released (1.6.0-13ubuntu0.1)
	intrepid	Ignored (end of life, was needed)
	jaunty	Released (1.6.0-13+lenny2build0.9.04.1)
	karmic	Released (1.6.0-14ubuntu0.1)
	lucid	Not vulnerable (1.6.0-15)
	maverick	Not vulnerable
	upstream	Released (1.6.0-15)
camlimages Launchpad, Ubuntu, Debian	dapper	Ignored (end of life)
	hardy	Released (1:2.2.0-2ubuntu2.1)
	intrepid	Released (1:2.2.0-3ubuntu0.1)
	jaunty	Released (1:2.2.0-4+lenny3build0.9.04.1)
	karmic	Released (1:3.0.1-3ubuntu0.1)
	lucid	Not vulnerable (1:3.0.1-5)
	maverick	Not vulnerable (1:3.0.1-5)
	upstream	Released (1:3.0.1-5)
	Patches: vendor: http://www.debian.org/security/2009/dsa-1912

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

CVE-2009-3296

Priority

Status

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Further reading