CVE-2009-3296

EPSS 3.7%

Published: 10/20/2009Modified: 4/28/2026

Description

Multiple integer overflows in tiffread.c in CamlImages 2.2 might allow remote attackers to execute arbitrary code via TIFF images containing large width and height values that trigger heap-based buffer overflows.

Affected packages (2)

Debian/advifrom 0, < 1.6.0-15
Debian/camlimagesfrom 0, < 1:3.0.1-5

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-3296