Red Hat Inc. Information for VU#539110
LibTIFF vulnerable to integer overflow in the TIFFFetchStrip() routine
- Vendor Information Help Date Notified: 21 Jan 2005
- Statement Date:
- Date Updated: 23 Aug 2005
Status
Affected
Vendor Statement
This flaw was fixed as part of the update for CVE name CAN-2004-0886. Updates are available for Red Hat Enterprise Linux 3 and 2.1 to correct this issue. New libtiff packages along with our advisory are available at the URL below and by using the Red Hat Network 'up2date' tool.
http://rhn.redhat.com/errata/RHSA-2004-577.html
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Vendor References
None
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
View Notes By
Report a Vulnerability
Please use the Vulnerability Reporting Form to report a vulnerability. Alternatively, you can send us email. Be sure to read our vulnerability disclosure policy.