Mandriva Update For Libtiff MDVSA-2011:078 (libtiff) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A vulnerability has been found and corrected in libtiff: The libtiff OJPEG decoder contains a heap buffer overflow when decoding certain malformed data (CVE-2009-5022). The updated packages have been patched to correct this issue.

Affected

libtiff on Mandriva Linux 2010.0, Mandriva Linux 2010.0/X86_64, Mandriva Linux 2010.1, Mandriva Linux 2010.1/X86_64

Severity

Classification

CVE CVE-2009-5022

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:125 (wireshark)
Mandrake Security Advisory MDVSA-2009:124 (apache)
Mandrake Security Advisory MDVSA-2009:138 (tomcat5)
Mandrake Security Advisory MDVSA-2009:017 (kdebase)
Mandrake Security Advisory MDVSA-2009:026 (phpMyAdmin)

Mandriva Update for libtiff MDVSA-2011:078 (libtiff)

Take action and discover your vulnerabilities