A heap-buffer overflow vulnerability was found in libtiff, in tools/tiffcp. Using a maliciously crafted BitsPerSample value could cause the application to crash or possibly allow code execution.

Upstream bugs:
http://bugzilla.maptools.org/show_bug.cgi?id=2656
http://bugzilla.maptools.org/show_bug.cgi?id=2657

Upstream patch:
https://github.com/vadz/libtiff/commit/5c080298d59efa53264d7248bbe3a04660db6ef7
Created libtiff tracking bugs for this issue:
Affects: fedora-all [bug 1410123]

Created mingw-libtiff tracking bugs for this issue:
Affects: fedora-all [bug 1410124]
Affects: epel-7 [bug 1410125]
Statement:
This is a heap-based buffer overflow in the tiffcp utility of libtiff. A specially crafted image, when processed via the tiffcp binary, could cause it to crash or execute arbitrary code with the permissions of the user running the utility.
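
A pre-screening check for files handed to an unpatched tiffcp, as an added example that is not part of the original report or of libtiff: it reads the BitsPerSample tag (258) from the first IFD of a classic TIFF and rejects anything outside an allow-list. The allow-list, the function names and the sample bytes are assumptions made for illustration; the report does not state which values trigger the overflow.

```python
import struct

BITS_PER_SAMPLE = 258                # tag number from the TIFF 6.0 specification
ALLOWED_BITS = {1, 2, 4, 8, 16, 32}  # assumed local policy, not the upstream trigger condition

def read_bits_per_sample(data: bytes) -> list[int]:
    """Return the BitsPerSample values of the first IFD, bounds-checking every read."""
    if len(data) < 8 or data[:2] not in (b"II", b"MM"):
        raise ValueError("not a TIFF file")
    e = "<" if data[:2] == b"II" else ">"
    magic, ifd = struct.unpack_from(e + "HI", data, 2)
    if magic != 42:
        raise ValueError("not a classic TIFF (BigTIFF is not handled)")
    if ifd + 2 > len(data):
        raise ValueError("IFD offset outside file")
    (count,) = struct.unpack_from(e + "H", data, ifd)
    for i in range(count):
        pos = ifd + 2 + 12 * i       # each IFD entry is 12 bytes
        if pos + 12 > len(data):
            raise ValueError("truncated IFD")
        tag, typ, n = struct.unpack_from(e + "HHI", data, pos)
        if tag != BITS_PER_SAMPLE:
            continue
        if typ != 3:                 # BitsPerSample must be of type SHORT
            raise ValueError("BitsPerSample is not of type SHORT")
        # Up to two SHORTs are stored inline; otherwise the field holds an offset.
        start = pos + 8 if n <= 2 else struct.unpack_from(e + "I", data, pos + 8)[0]
        if n == 0 or start + 2 * n > len(data):
            raise ValueError("BitsPerSample values outside file")
        return list(struct.unpack_from(f"{e}{n}H", data, start))
    return [1]                       # TIFF 6.0 default when the tag is absent

def screen(data: bytes) -> tuple[bool, str]:
    """Decide whether a file may be passed on to tiffcp under the assumed policy."""
    try:
        bps = read_bits_per_sample(data)
    except (ValueError, struct.error) as exc:
        return False, f"rejected: {exc}"
    # Mixed per-sample depths are also refused (a policy choice of this example).
    if any(b not in ALLOWED_BITS for b in bps) or len(set(bps)) != 1:
        return False, f"rejected: BitsPerSample={bps}"
    return True, f"ok: BitsPerSample={bps}"

def sample_tiff(bits: int) -> bytes:
    # Constructed input: little-endian header plus a one-entry IFD, no image data.
    return (b"II" + struct.pack("<HI", 42, 8) + struct.pack("<H", 1)
            + struct.pack("<HHI", BITS_PER_SAMPLE, 3, 1)
            + struct.pack("<HH", bits, 0) + struct.pack("<I", 0))
```

This only reduces exposure while an unpatched tiffcp is in use; applying the upstream patch is the fix.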