These Vulnerabilities were discovered by Tyler Bohan of Cisco Talos.
Talos is releasing multiple vulnerabilities (TALOS-2016-0187, TALOS-2016-0190 & TALOS-2016-0205) in the LibTIFF library . One vulnerability (TALOS-2016-0187) is an exploitable heap based buffer overflow that impacts the LibTIFF TIFF2PDF conversion tool. Another vulnerability (TALOS-2016-0190) impacts the parsing and handling of TIFF images ultimately leading to remote code execution. The final vulnerability (TALOS-2016-0205) is an exploitable heap based buffer overflow in the handling of compressed TIFF images in LibTIFF’s PixarLogDecode API. An attacker who can trick a user into processing a malformed TIFF document can use one of these vulnerabilities to achieve remote code execution on the targeted system.
The Tagged Image File Format (TIFF) was developed in the mid-1980’s as a common file format able to store image data in a lossless format for the burgeoning image manipulation industry. Since then TIFF files have been widely adopted within the graphic arts industry, and also by electronic fax systems.
As usual, Talos team are always on track. Thank you for sharing your interesting and important insights and analysis that always give the right motivation to learn more. My respects.
Great reminder on how to minimize risk and exposure.