CVE Vulnerabilities

CVE-2004-1183

Published: Jan 06, 2005 | Modified: Nov 20, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.1 MEDIUM
AV:N/AC:H/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF file.

Affected Software

Name Vendor Start Version End Version
Libtiff Libtiff 3.4 (including) 3.4 (including)
Libtiff Libtiff 3.5.1 (including) 3.5.1 (including)
Libtiff Libtiff 3.5.2 (including) 3.5.2 (including)
Libtiff Libtiff 3.5.3 (including) 3.5.3 (including)
Libtiff Libtiff 3.5.4 (including) 3.5.4 (including)
Libtiff Libtiff 3.5.5 (including) 3.5.5 (including)
Libtiff Libtiff 3.5.6 (including) 3.5.6 (including)
Libtiff Libtiff 3.5.7 (including) 3.5.7 (including)
Libtiff Libtiff 3.6.0 (including) 3.6.0 (including)
Libtiff Libtiff 3.6.1 (including) 3.6.1 (including)
Libtiff Libtiff 3.7.0 (including) 3.7.0 (including)
Libtiff Libtiff 3.7.1 (including) 3.7.1 (including)
Red Hat Enterprise Linux 3 RedHat libtiff-0:3.5.7-22.el3 *
Red Hat Enterprise Linux 4 RedHat libtiff-0:3.6.1-8 *
Tiff Ubuntu dapper *
Tiff Ubuntu devel *
Tiff Ubuntu edgy *
Tiff Ubuntu feisty *

References