Multiple integer overflows in tiffread.c in CamlImages 2.2 might allow remote attackers to execute arbitrary code via TIFF images containing large width and height values that trigger heap-based buffer overflows.
Vector
NETWORK
Complexity
LOW
Authentication
NONE
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL
| Advisory | Patch | Confirmed | Link |
|---|---|---|---|
| 36713 | |||
| DSA-1912 | |||
| http://security.debian.org/pool/updates/main/c/camlimage... | |||
| http://security.debian.org/pool/updates/main/c/camlimage... | |||
| 37067 |