lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <be3d65b4bf5ac5c96e2195fe78658c8d@webmail.webfaction.com> Date: Mon, 22 Dec 2014 18:11:27 +0200 From: Project Zero Labs <labs@...jectzero.gr> To: fulldisclosure@...lists.org Subject: [FD] CVE-2014-9330: Libtiff integer overflow in bmp2tiff ---------- Background ---------- Libtiff provides support for the Tag Image File Format (TIFF), a widely used format for storing image data. ---------------- Software Version ---------------- All tests were performed using libtiff 4.0.3 ----------- Description ----------- Fuzzing bmp2tiff, using the afl-fuzzer, revealed an integer overflow issue related to the dimensions of the input BMP image. The issue resulted in an out-of-bounds memory read which causes the application to crash. Details can be found at http://bugzilla.maptools.org/show_bug.cgi?id=2494. -------- Timeline -------- 2014-12-09 Discovery reported to libtiff bug tracker 2014-12-21 Issue was fixed 2014-12-22 Public Disclosure ------- Credits ------- Reported by Paris Zoumpouloglou of Project Zero labs -- Project Zero Labs @projectzerolabs https://www.projectzero.gr _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists