CVE Vulnerabilities

CVE-2004-0803

Published: Dec 23, 2004 | Modified: Oct 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.

Affected Software

Name Vendor Start Version End Version
Libtiff Libtiff 3.4 (including) 3.4 (including)
Libtiff Libtiff 3.5.1 (including) 3.5.1 (including)
Libtiff Libtiff 3.5.2 (including) 3.5.2 (including)
Libtiff Libtiff 3.5.3 (including) 3.5.3 (including)
Libtiff Libtiff 3.5.4 (including) 3.5.4 (including)
Libtiff Libtiff 3.5.5 (including) 3.5.5 (including)
Libtiff Libtiff 3.5.7 (including) 3.5.7 (including)
Libtiff Libtiff 3.6.0 (including) 3.6.0 (including)
Libtiff Libtiff 3.6.1 (including) 3.6.1 (including)
Pdf_library Pdflib 5.0.2 (including) 5.0.2 (including)
Wxgtk2 Wxgtk2 2.5_.0 (including) 2.5_.0 (including)
Red Hat Enterprise Linux 3 RedHat libtiff-0:3.5.7-20.1 *
Red Hat Enterprise Linux 3 RedHat kdegraphics-7:3.1.3-3.7 *
Red Hat Enterprise Linux 3 RedHat tetex-0:1.0.7-67.7 *
Tiff Ubuntu dapper *
Tiff Ubuntu devel *
Tiff Ubuntu edgy *
Tiff Ubuntu feisty *

References