Mandrake Linux Security Advisory : libtiff (MDKSA-2004:109)
High Nessus Plugin ID 15523
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionSeveral vulnerabilities have been discovered in the libtiff package :
Chris Evans discovered several problems in the RLE (run length encoding) decoders that could lead to arbitrary code execution.
Matthias Clasen discovered a division by zero through an integer overflow. (CVE-2004-0804)
Dmitry V. Levin discovered several integer overflows that caused malloc issues which can result to either plain crash or memory corruption. (CVE-2004-0886)
SolutionUpdate the affected packages.