Bug 996052 - (CVE-2013-4243) CVE-2013-4243 libtiff (gif2tiff): possible heap-based buffer overflow in readgifimage()
CVE-2013-4243 libtiff (gif2tiff): possible heap-based buffer overflow in read...
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
impact=moderate,public=20130814,repor...
: Security
Depends On: 996827 996832 996833 1063460 1063461 1063464 1063465
Blocks: 994449
  Show dependency treegraph
 
Reported: 2013-08-12 06:31 EDT by Murray McAllister
Modified: 2016-03-04 07:15 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-02-27 14:25:53 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
Proposed patch (689 bytes, patch)
2013-08-14 00:44 EDT, Huzaifa S. Sidhpurwala
no flags Details | Diff

  None (edit)
Description Murray McAllister 2013-08-12 06:31:23 EDT
A possible heap-based buffer overflow flaw was found in the readgifimage() function in gif2tiff, a tool to convert GIF images to TIFF. A remote attacker could provide a specially-crafted GIF file that, when processed by gif2tiff, would cause gif2tiff to crash or, potentially, execute arbitrary code with the privileges of the user running gif2tiff.
Comment 4 Huzaifa S. Sidhpurwala 2013-08-14 00:44:25 EDT
Created attachment 786400 [details]
Proposed patch
Comment 6 Huzaifa S. Sidhpurwala 2013-08-14 01:49:43 EDT
Created libtiff tracking bugs for this issue:

Affects: fedora-all [bug 996832]
Comment 7 Huzaifa S. Sidhpurwala 2013-08-14 01:49:48 EDT
Created mingw-libtiff tracking bugs for this issue:

Affects: fedora-all [bug 996833]
Comment 8 Huzaifa S. Sidhpurwala 2013-08-14 02:13:25 EDT
Acknowledgements:

This issue was discovered by Murray McAllister of the Red Hat Security Response Team.
Comment 10 Huzaifa S. Sidhpurwala 2013-08-14 06:06:20 EDT
Comment on attachment 786400 [details]
Proposed patch

Please note: this patch is incomplete.
Comment 11 Huzaifa S. Sidhpurwala 2013-08-22 00:56:47 EDT
Upstream bug:

http://bugzilla.maptools.org/show_bug.cgi?id=2451
Comment 15 errata-xmlrpc 2014-02-27 13:35:46 EST
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2014:0222 https://rhn.redhat.com/errata/RHSA-2014-0222.html
Comment 16 errata-xmlrpc 2014-02-27 13:39:26 EST
This issue has been addressed in following products:

  Red Hat Enterprise Linux 5

Via RHSA-2014:0223 https://rhn.redhat.com/errata/RHSA-2014-0223.html
Comment 17 Vincent Danen 2014-02-27 14:25:53 EST
Statement:

(none)

Note You need to log in before you can comment on or make changes to this bug.