Apple Security Advisory 2012-09-24-1 - Apple TV 5.1 is now available and addresses issues relating to malicious media loading, memory corruption, and more.
8b08f2840773bcd43aa00f4439e1687a278652e1b463a125bb95947245e9cf9b
Gentoo Linux Security Advisory 201209-2 - Multiple vulnerabilities in libTIFF could result in execution of arbitrary code or Denial of Service. Versions less than 4.0.2-r1 are affected.
4c1d531cd4481a5572a3c053df88570eab2536699dd069f5b711c89773f211c5
Apple Security Advisory 2012-09-19-2 - OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update 2012-004 are now available and address Apache, BIND, CoreText, Data Security, and many other vulnerabilities.
40b0db811b217e85fb6806b53d13edb126d8f6537576e1fb80a6d9e6c2266a62
Red Hat Security Advisory 2012-0468-01 - The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Two integer overflow flaws, leading to heap-based buffer overflows, were found in the way libtiff attempted to allocate space for a tile in a TIFF image file. An attacker could use these flaws to create a specially-crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code. All libtiff users should upgrade to these updated packages, which contain a backported patch to resolve these issues. All running applications linked against libtiff must be restarted for this update to take effect.
1c154b2cc7b2764e4eb386316ad291c0776e267591f9cfe7e2c473ddf73fde81
Mandriva Linux Security Advisory 2012-054 - An integer overflow was discovered in the libtiff/tiff_getimage.c file in the tiff library which could cause execution of arbitrary code using a specially crafted TIFF image file. The updated packages have been patched to correct this issue.
c2470d757530bdc1d852c273dcedf2585d7fa9b116357c0843f71011fcfb5e3d
Debian Linux Security Advisory 2447-1 - Alexander Gavrun discovered an integer overflow in the TIFF library in the parsing of the TileSize entry, which could result in the execution of arbitrary code if a malformed image is opened.
6ce335ccbe6295d66a62055d9901e728323be55bdabae78fa343cfb3420c7849
Ubuntu Security Notice 1416-1 - Alexander Gavrun discovered that the TIFF library incorrectly allocated space for a tile. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could execute arbitrary code with user privileges, or crash the application, leading to a denial of service. It was discovered that the tiffdump utility incorrectly handled directory data structures with many directory entries. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. This issue only applied to Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. Various other issues were also addressed.
681cde6032e82ac9b21d67f935de062ade203b655ea767682858a6b7da05457c