Mandriva Linux Security Advisory : libtiff (MDVSA-2013:046)

high Nessus Plugin ID 66060

Synopsis

The remote Mandriva Linux host is missing one or more security updates.

Description

Updated libtiff packages fix security vulnerabilities :

libtiff did not properly convert between signed and unsigned integer values, leading to a buffer overflow. An attacker could use this flaw to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code (CVE-2012-2088).

Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the tiff2pdf tool. An attacker could use these flaws to create a specially crafted TIFF file that would cause tiff2pdf to crash or, possibly, execute arbitrary code (CVE-2012-2113).

Huzaifa Sidhpurwala discovered that the tiff2pdf utility incorrectly handled certain malformed TIFF images. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges (CVE-2012-3401).

It was discovered that a buffer overflow in libtiff's parsing of files using PixarLog compression could lead to the execution of arbitrary code (CVE-2012-4447).

ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based buffer overflow (CVE-2012-4564).

It was discovered that LibTIFF incorrectly handled certain malformed images using the DOTRANGE tag. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges (CVE-2012-5581).

Solution

Update the affected packages.

Plugin Details

Severity: High

ID: 66060

File Name: mandriva_MDVSA-2013-046.nasl

Version: 1.8

Type: local

Published: 4/20/2013

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:lib64tiff-devel, p-cpe:/a:mandriva:linux:lib64tiff-static-devel, p-cpe:/a:mandriva:linux:lib64tiff5, p-cpe:/a:mandriva:linux:libtiff-progs, cpe:/o:mandriva:business_server:1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 4/5/2013

Reference Information

CVE: CVE-2012-2088, CVE-2012-2113, CVE-2012-3401, CVE-2012-4447, CVE-2012-4564, CVE-2012-5581

BID: 54076, 54270, 54601, 55673, 56372, 56715

MDVSA: 2013:046

MGASA: 2012-0137, 2012-0181, 2012-0317, 2012-0332, 2012-0355