CESA-2017:0225 -- centos 7 libtiffID: oval:org.secpod.oval:def:204091 | Date: (C)2017-02-06 (M)2024-04-17 |
Class: PATCH | Family: unix |
The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an application linked against libtiff into processing specially crafted files. * Multiple flaws have been discovered in various libtiff tools . By tricking a user into processing a specially crafted file, a remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code with the privileges of the user running the libtiff tool