| Severity |
|
| Remote |
|
| Type |
| + |
Arbitrary code execution |
|
| Description |
| + |
Heap-based buffer overflow vulnerability was found in tif_packbits.c in PackBitsEncode function. Memory corruption can be triggered when bmp2tiff is handling maliciously crafted bmp file causing application to crash or possibly execute arbitrary code. |
|
| References |
| + |
http://bugzilla.maptools.org/show_bug.cgi?id=2562 |
| + |
http://seclists.org/oss-sec/2016/q2/486 |
|
| Notes |
| + |
reproducer: http://bugzilla.maptools.org/attachment.cgi?id=652 |
| + |
bmp2tiff has been removed in libtiff 4.0.7 |
|