Fedora Core 11 FEDORA-2009-7775 (libtiff) Network Vulnerability

Summary

The remote host is missing an update to libtiff announced via advisory FEDORA-2009-7775.

Solution

Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update libtiff' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-7775

Insight

Update Information: CVE-2009-2347 libtiff: integer overflows in various inter-color spaces conversion tools (crash, ACE) Not the same as last week's libtiff security issue ... ChangeLog: * Mon Jul 13 2009 Tom Lane 3.8.2-14 - Fix buffer overrun risks caused by unchecked integer overflow (CVE-2009-2347) Related: #510041 * Wed Jul 1 2009 Tom Lane 3.8.2-13 - Fix some more LZW decoding vulnerabilities (CVE-2009-2285) Related: #507465 - Update upstream URL

References

https://bugzilla.redhat.com/show_bug.cgi?id=510041

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-2285, CVE-2009-2347

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Take action and discover your vulnerabilities