Mandrake Linux Security Advisory : wxGTK2 (MDKSA-2004:111)
High Nessus Plugin ID 24551
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionSeveral vulnerabilities have been discovered in the libtiff package;
wxGTK2 uses a libtiff code tree, so it may have the same vulnerabilities :
Chris Evans discovered several problems in the RLE (run length encoding) decoders that could lead to arbitrary code execution.
Matthias Clasen discovered a division by zero through an integer overflow. (CVE-2004-0804)
Dmitry V. Levin discovered several integer overflows that caused malloc issues which can result to either plain crash or memory corruption. (CVE-2004-0886)
SolutionUpdate the affected packages.