Notified:  October 26, 2004 Updated: October 27, 2004

Status

Affected

Vendor Statement

We shipped products which where affected by this vulnerability. After receiving the report from iDEFENSE we decided to disable OJPEG support in our libtiff packages. We have released updated libtiff packages disabling the OJPEG support.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.