Release Date: June 29th, 2006
Versions Affected: Apple OS X 10.4.7 and prior
TIFF is a file format used mainly for storing images, including photographs and line art. Every TIFF file begins with a 2-byte field that indicates byte ordering: “II” for little endian and “MM” for big endian. The following two bytes contain the constant value 42. These values are followed by additional header fields and image data.
When processing a malformed .tiff image file, the TIFFFetchAnyArray () function does not properly parse an invalid tag causing the application which it was opened with to crash. This issue is within the ImageIO parsing engine making Preview, Finder, QuickTime, and Safari potential attack vectors for this issue.
05/15/2006 – Vendor is notified
06/05/2006 – Vendor acknowlegdes that the flaw has no security impact, and no patch will be released.
06/29/2006 – Advisory released
Solution: Currently no patch has been released for this issue.
Discovered by: Tom Ferris