FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  369565
Date:      2014-09-29
Time:      23:34:30Z
Committer: bdrewery

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
8816bf3a-7929-11df-bcce-0018f3e2eb82tiff -- Multiple integer overflows

Tielei Wang:

Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large (1) width and (2) height values, which triggers a heap-based buffer overflow in the (a) cvt_whole_image function in tiff2rgba and (b) tiffcvt function in rgb2ycbcr.


Discovery 2009-05-22
Entry 2010-06-16
tiff
lt 3.9.4

linux-tiff
linux-f10-tiff
lt 3.9.4

CVE-2009-2347
http://www.remotesensing.org/libtiff/v3.9.4.html
http://www.ocert.org/advisories/ocert-2009-012.html