Short Name |
HTTP:STC:DL:LIBTIFF-BOF |
---|---|
Severity |
High |
Recommended |
No |
Category |
HTTP |
Keywords |
LibTIFF LZWDecodeCompat Remote Buffer Overflow |
Release Date |
2012/12/20 |
Update Number |
2214 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
This signature detects attempts to exploit a known vulnerability against LibTIFF. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the affected application.
Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327.