Description: Herve Drolon has reported a vulnerability in LibTIFF, which can be exploited by malicious people to crash certain applications on a user's system.
The vulnerability is caused due to a NULL pointer dereferencing error in tif_dir.c. This can be exploited to crash an application linked against LibTIFF when a specially crafted TIFF image is processed.
The vulnerability has been confirmed in version 3.8.0. Other versions may also be affected.
Solution: The vendor has supplied a patch for this vulnerability. However, it is still possible to cause an application to crash via certain crafted TIFF images.
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.