A buffer overflow has been found in the tiff2pdf utility. By tricking an user into processing a specially crafted TIF file with tiff2pdf, this could potentially be exploited to execute arbitrary code with the privileges of the user. (CVE-2006-2193)
A. Alejandro Hern�ndez discovered a buffer overflow in the tiffsplit utility. By calling tiffsplit with specially crafted long arguments, an user can execute arbitrary code. If tiffsplit is used in e. g. a web-based frontend or similar automated system, this could lead to remote arbitary code execution with the privileges of that system. (In normal interactive command line usage this is not a vulnerability.) (CVE-2006-2656)
8 June 2006
A security issue affects these releases of Ubuntu and its derivatives:
A buffer overflow has been found in the tiff2pdf utility. By tricking an user into processing a specially crafted TIF file with tiff2pdf, this could potentially be exploited to execute arbitrary code with the privileges of the user. (CVE-2006-2193)
A. Alejandro Hern�ndez discovered a buffer overflow in the tiffsplit utility. By calling tiffsplit with specially crafted long arguments, an user can execute arbitrary code. If tiffsplit is used in e. g. a web-based frontend or similar automated system, this could lead to remote arbitary code execution with the privileges of that system. (In normal interactive command line usage this is not a vulnerability.) (CVE-2006-2656)
The problem can be corrected by updating your system to the following package versions:
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system upgrade is sufficient to effect the necessary changes.
Vulmon