Multiple uint32 overflows have been discovered that are leading to a heap buffer overflow in writeBufferToSeparateStrips(). A maliciously crafted TIFF file could cause the application to crash or even execute arbitrary code on a vulnerable machine.
Multiple uint32 overflows have been discovered that are leading to a heap buffer overflow in writeBufferToSeparateStrips(). A maliciously crafted TIFF file could cause the application to crash or even execute arbitrary code on a vulnerable machine.
http://bugzilla.maptools.org/show_bug.cgi?id=2592 http://www.openwall.com/lists/oss-security/2016/11/11/14