Updated by Andrey Kamaev almost 13 years ago
libtiff 3.9.4 is used in opencv and is vulnerable to cve-2001-1167 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1167 . It is fixed in libtiff 3.9.5. You can see a patch for the vuln at http://bugzilla.maptools.org/attachment.cgi?id=446&action=diff which is not present in https://code.ros.org/trac/opencv/browser/trunk/opencv/3rdparty/libtiff/tif_thunder.c
This is a similar vulnerability to some that were previously fixed in #585 https://code.ros.org/trac/opencv/ticket/585
This is a similar vulnerability to some that were previously fixed in #585 https://code.ros.org/trac/opencv/ticket/585