Ubuntu 5.04 / 5.10 / 6.06 LTS : tiff vulnerabilities (USN-330-1)
High Nessus Plugin ID 27909
SynopsisThe remote Ubuntu host is missing one or more security-related patches.
DescriptionTavis Ormandy discovered that the TIFF library did not sufficiently check handled images for validity. By tricking an user or an automated system into processing a specially crafted TIFF image, an attacker could exploit these weaknesses to execute arbitrary code with the target application's privileges.
This library is used in many client and server applications, thus you should reboot your computer after the upgrade to ensure that all running programs use the new version of the library.
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected packages.