DescriptionThe t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow.
NVD CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
SUSE informationSUSE Bugzilla entries: 770816 [RESOLVED / FIXED], 854393 [NEEDINFO] SUSE Security Advisories:
- SUSE-SU-2012:0919-1, published Sun Jul 29 17:08:27 MDT 2012
- SUSE-SU-2013:1639-1, published Thu Nov 7 09:04:17 MST 2013
- openSUSE-SU-2012:0955-1, published Mon, 6 Aug 2012 12:08:41 +0200 (CEST)