An exploitable heap based buffer overflow exists in the handling of TIFF images in LibTIFF’s TIFF2PDF tool. A crafted TIFF document can lead to a heap based buffer overflow via JPEG Compression Tables resulting in remote code execution. This vulnerability can be triggered via a saved TIFF file delivered by other means.
An exploitable heap based buffer overflow exists in the handling of TIFF images in LibTIFF’s TIFF2PDF tool. A crafted TIFF document can lead to a heap based buffer overflow via JPEG Compression Tables resulting in remote code execution. This vulnerability can be triggered via a saved TIFF file delivered by other means.
http://www.talosintelligence.com/reports/TALOS-2016-0187/ https://github.com/vadz/libtiff/commit/b5d6803f0898e931cf772d3d0755704ab8488e63