Note: This is an archival copy of Security Sun Alert 267808 as previously published on http://sunsolve.sun.com.
The latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1020945.1.
Solaris 8 Operating System
Solaris 9 Operating System
Solaris 10 Operating System
Date of Workaround Release
A security vulnerability in the LZW decoding function of the Solaris Tag Image File Format Library libtiff(3):
A security vulnerability in the LZW decoding function of the Solaris Tag Image File Format Library libtiff(3) may allow a local or remote unprivileged user to crash applications that use this function via a crafted TIFF image. The ability to crash an application is a type of Denial of Service (DoS).
This issue is also described in the following document:
2. Contributing Factors
This issue can occur in the following releases:
Note 2: This issue only affects systems which have the libtiff(3) library installed. This library is part of the SUNWTiff package. To determine if the SUNWTiff package is installed on Solaris 8, 9, and 10, the pkginfo(1) command can be used:
$ pkginfo -q SUNWTiff && echo "SUNWTiff is installed"
Note 3: OpenSolaris distributions may include additional bug fixes above and beyond the build from which they were derived. To determine the base build of OpenSolaris, the following command can be used:
$ uname -v
3. Symptoms
There are no predictable symptoms that would indicate this issue has been exploited to cause a Denial of Service (DoS) condition.
To work around the described issues, do not load TIFF images from untrusted sources.
This issue is addressed in the following releases:
For more information on Security Sun Alerts, see 1009886.1.
Copyright 2000-2009 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, CA 95054 U.S.A. All rights reserved.
06-Oct-2009: Updated Contributing Factors and Resolution sections.