Summary
Ubuntu Update for Linux kernel vulnerabilities USN-1631-1
Solution
Please Install the Updated Packages.
Insight
It was discovered that LibTIFF incorrectly handled certain malformed images using the PixarLog compression format. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. (CVE-2012-4447)
Huzaifa S. Sidhpurwala discovered that the ppm2tiff tool incorrectly handled certain malformed PPM images. If a user or automated system were tricked into opening a specially crafted PPM image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. (CVE-2012-4564)
Affected
tiff on Ubuntu 12.10 ,
Ubuntu 12.04 LTS ,
Ubuntu 11.10 ,
Ubuntu 10.04 LTS ,
Ubuntu 8.04 LTS
Severity
Classification
-
CVE CVE-2012-4447, CVE-2012-4564 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities