Ubuntu Security Notice (C) 2011-2013 Canonical, Inc. / NASL script (C) 2011-2013 Tenable Network Security, Inc.
The remote Ubuntu host is missing one or more security-related patches.
Martin Barbella discovered that the thunder (aka ThunderScan) decoder
in the TIFF library incorrectly handled an unexpected BitsPerSample
value. If a user or automated system were tricked into opening a
specially crafted TIFF image, a remote attacker could execute
arbitrary code with user privileges, or crash the application, leading
to a denial of service.
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.0
Public Exploit Available : false