Apple OS X 10.4.7 .tiff "TIFFFetchAnyArray ()" DoS

Release Date:  June 29th, 2006
Severity: Low
Vendor: Apple
Versions Affected:  Apple OS X 10.4.7 and prior

TIFF is a file format used mainly for storing images, including photographs and line art. Every TIFF file begins with a 2-byte field that indicates byte ordering: “II” for little endian and “MM” for big endian. The following two bytes contain the constant value 42. These values are followed by additional header fields and image data.

Technical Details:
When processing a malformed .tiff image file, the TIFFFetchAnyArray () function does not properly parse an invalid tag causing the application which it was opened with to crash. This issue is within the ImageIO parsing engine making Preview, Finder, QuickTime, and Safari potential attack vectors for this issue.

Vendor Status:
05/15/2006 – Vendor is notified
06/05/2006 – Vendor acknowlegdes that the flaw has no security impact, and no patch will be released.
06/29/2006 – Advisory released

Solution: Currently no patch has been released for this issue.

Discovered by: Tom Ferris

Leave a Reply