Stack-based buffer overflow in the _TIFFVGetField function in libtiff 4.0.6 and previous versions allows remote malicious users to crash the application via a crafted tiff.
Debian Bug report logs -
#809066
tiff: CVE-2015-7554
Package:
src:tiff;
Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 26 Dec 2015 21:24:02 UTC
Severity: important
Tags: patch, security, upstream
Merged with 842043
Found in versi ...
Stack-based buffer overflow in the _TIFFVGetField function in libtiff 406 and earlier allows remote attackers to crash the application via a crafted tiff ...
A stack-based buffer overflow vulnerability was reported in thumbnail's _TIFFVGetField() function Memory corruption can be triggered when handling maliciously crafted tiff file causing application to crash or possibly execute arbitrary code ...