DescriptionInteger overflow in the ReadDirectory function in tiffdump.c in tiffdump in LibTIFF before 3.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF file containing a directory data structure with many directory entries.
NVD CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
Novell/SUSE informationNovell Bugzilla entries: 687442, 854393 SUSE Security Advisories:
- SUSE-SR:2011:008, published Tue, 03 May 2011 11:00:00 +0000
- SUSE-SR:2011:009, published Tue, 17 May 2011 10:00:00 +0000
- openSUSE-SU-2011:0405-1, published Fri, 29 Apr 2011 08:08:16 +0200 (CEST)
- openSUSE-SU-2011:0409-1, published Fri, 29 Apr 2011 09:08:12 +0200 (CEST)