A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
The following packages are affected:
libtiff-tools
The problem can be corrected by upgrading the affected package to version 3.6.1-1.1ubuntu1.2. In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Dmitry V. Levin discovered a buffer overflow in the "tiffdump" utility. If an attacker tricked a user into processing a malicious TIFF image with tiffdump, they could cause a buffer overflow which at least causes the program to crash. However, it is not entirely clear whether this can be exploited to execute arbitrary code with the privileges of the user opening the image.