A heap-based buffer overflow was found in the way TIFF (Tagged Image File
Format) image files manipulating library expanded certain rows of 2D-encoded
data, when processing TIFF Internet Fax image files, compressed with CCITT
group 4 compression algorithm. If an attacker created a specially-crafted
image file and tricked a local, unsuspecting user into loading the image
file in an application that uses the TIFF image manipulating library, it
could cause that application to crash or, potentially, execute arbitrary
code with the privileges of the user running the application.
A heap-based buffer overflow was found in the way TIFF (Tagged Image File
Format) image files manipulating library expanded certain rows of 2D-encoded
data, when processing TIFF Internet Fax image files, compressed with CCITT
group 4 compression algorithm. If an attacker created a specially-crafted
image file and tricked a local, unsuspecting user into loading the image
file in an application that uses the TIFF image manipulating library, it
could cause that application to crash or, potentially, execute arbitrary
code with the privileges of the user running the application.