TITLE:
LibTIFF TIFFVSetField Denial of Service Vulnerability

SECUNIA ADVISORY ID:
SA18587

VERIFY ADVISORY:
http://secunia.com/advisories/18587/

CRITICAL:
Not critical

IMPACT:
DoS

WHERE:
>From remote

SOFTWARE:
LibTIFF 3.x
http://secunia.com/product/4053/

DESCRIPTION:
Herve Drolon has reported a vulnerability in LibTIFF, which can be
exploited by malicious people to crash certain applications on a
user's system.

The vulnerability is caused due to a NULL pointer dereferencing error
in tif_dir.c. This can be exploited to crash an application linked
against LibTIFF when a specially crafted TIFF image is processed.

The vulnerability has been confirmed in version 3.8.0. Other versions
may also be affected.

SOLUTION:
The vendor has supplied a patch for this vulnerability. However, it
is still possible to cause an application to crash via certain
crafted TIFF images.

PROVIDED AND/OR DISCOVERED BY:
Herve Drolon

ORIGINAL ADVISORY:
http://bugzilla.remotesensing.org/show_bug.cgi?id=1029
http://bugzilla.remotesensing.org/show_bug.cgi?id=1034

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------