CVE-2013-4243

Published: 10 September 2013

Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted height and width values in a GIF image.

Priority

Medium

Status

Package | Release | Status
tiff (Launchpad, Ubuntu, Debian) | Upstream | Needs triage
tiff | Ubuntu 14.04 ESM (Trusty Tahr) | Released (4.0.3-7ubuntu0.1)
tiff3 (Launchpad, Ubuntu, Debian) | Upstream | Needed
tiff3 | Ubuntu 14.04 ESM (Trusty Tahr) | Does not exist

Patches (tiff):
Vendor: http://bugzilla.maptools.org/show_bug.cgi?id=2451#c10