iDefense Security Advisory 06.21.10 – Remote exploitation of a stack buffer overflow vulnerability in version 3.9.2 of LibTIFF, as included in various vendors’ operating system distributions, could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability is due to insufficient bounds checking when copying data into a stack allocated buffer. During the processing of a certain EXIF tag a fixed sized stack buffer is used as a destination location for a memory copy. This memory copy can cause the bounds of a stack buffer to be overflown and this condition may lead to arbitrary code execution. iDefense has confirmed the existence of this vulnerability in version 3.9.2 of libTIFF. Previous versions are not affected.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/91259/06.21.10-1.txt
Source: https://packetstormsecurity.com/files/91259/iDEFENSE-Security-Advisory-2010-06-21.1.html