Red Hat has issued updates for a highly critical flaw affecting workstations, desktops and servers (versions 2.1 and 3.0).

The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. An integer overflow bug that affects libtiff could allow attackers to crash applications linked to libtiff or possibly execute arbitrary code by tricking users into opening a malicious TIFF file. Updated libtiff packages that fix various integer overflows are now available.

Red Hat also released a patch for the highly critical Xpdf flaw on Wednesday. Xpdf, an X Window System based viewer for PDF files contains a buffer overflow flaw in its Gfx::doImage function. Red Hat believes that the Exec-Shield technology (enabled by default since Update 3) will block attempts to exploit this vulnerability on x86 systems.

Read this full article at CXOtoday Staff

Write Comment
Please keep the topic of messages relevant to the subject of the article. Personal verbal attacks will be deleted. Please don't use comments to plug your web site.. Such material will be removed.
Name:
Title:
Comment:
Code:*

Powered by AkoComment!