Bug 10689 - Multiple vulnerabilities in libtiff (CVE-2013-1960, CVE-2013-1961)
Status: RESOLVED DUPLICATE of bug 9970
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 2
Hardware: i586 Linux
Priority: Normal normal
Target Milestone: ---
Assignee: Mageia Bug Squad
QA Contact: Sec team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-07-04 10:21 CEST by Oden Eriksson
Modified: 2013-07-04 20:09 CEST

See Also:
Source RPM: libtiff
CVE:
Status comment:


Description Oden Eriksson 2013-07-04 10:21:19 CEST
======================================================
Name: CVE-2013-1960
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1960
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130219
Category: 
Reference: MLIST:[oss-security] 20130502 Fwd: Two libtiff (tiff2pdf flaws)
Reference: URL:http://seclists.org/oss-sec/2013/q2/254
Reference: CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=952158
Reference: DEBIAN:DSA-2698
Reference: URL:http://www.debian.org/security/2013/dsa-2698
Reference: SUSE:openSUSE-SU-2013:0922
Reference: URL:http://lists.opensuse.org/opensuse-updates/2013-06/msg00058.html
Reference: SUSE:openSUSE-SU-2013:0944
Reference: URL:http://lists.opensuse.org/opensuse-updates/2013-06/msg00080.html
Reference: SECUNIA:53237
Reference: URL:http://secunia.com/advisories/53237
Reference: SECUNIA:53765
Reference: URL:http://secunia.com/advisories/53765

Heap-based buffer overflow in the tp_process_jpeg_strip function in
tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers to cause
a denial of service (crash) and possibly execute arbitrary code via a
crafted TIFF image file.



======================================================
Name: CVE-2013-1961
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1961
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130219
Category: 
Reference: MLIST:[oss-security] 20130502 Fwd: Two libtiff (tiff2pdf flaws)
Reference: URL:http://seclists.org/oss-sec/2013/q2/254
Reference: CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=952131
Reference: DEBIAN:DSA-2698
Reference: URL:http://www.debian.org/security/2013/dsa-2698
Reference: SUSE:openSUSE-SU-2013:0922
Reference: URL:http://lists.opensuse.org/opensuse-updates/2013-06/msg00058.html
Reference: SUSE:openSUSE-SU-2013:0944
Reference: URL:http://lists.opensuse.org/opensuse-updates/2013-06/msg00080.html
Reference: SECUNIA:53237
Reference: URL:http://secunia.com/advisories/53237
Reference: SECUNIA:53765
Reference: URL:http://secunia.com/advisories/53765

Stack-based buffer overflow in the t2p_write_pdf_page function in
tiff2pdf in libtiff before 4.0.3 allows remote attackers to cause a
denial of service (application crash) via a crafted image length and
resolution in a TIFF image file.


Reproducible: 

Steps to Reproduce:

Comment 1 David Walser 2013-07-04 17:33:58 CEST
Fixed two months ago.

*** This bug has been marked as a duplicate of bug 9970 ***

Status: NEW => RESOLVED
CC: (none) => luigiwalser
Resolution: (none) => DUPLICATE

Comment 2 Oden Eriksson 2013-07-04 20:09:05 CEST
whoops :-)
