USN-1120-1: tiff vulnerability
21 April 2011
The TIFF library could be made to run programs as your login if it opened a specially crafted file.
- tiff - TIFF manipulation and conversion tools
It was discovered that the TIFF library incorrectly handled certain JPEG
data. If a user or automated system were tricked into opening a specially
crafted TIFF image, a remote attacker could execute arbitrary code with
user privileges, or crash the application, leading to a denial of service.