Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0803

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-0803
Last Modified 21 Aug 2010 12:21:18
Published 23 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0803

Summary

Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.

Vulnerable Systems

Operating System

  • Apple Mac Os X 10.2

  • Apple Mac Os X 10.2.1

  • Apple Mac Os X 10.2.2

  • Apple Mac Os X 10.2.3

  • Apple Mac Os X 10.2.4

  • Apple Mac Os X 10.2.5

  • Apple Mac Os X 10.2.6

  • Apple Mac Os X 10.2.7

  • Apple Mac Os X 10.2.8

  • Apple Mac Os X 10.3

  • Apple Mac Os X 10.3.1

  • Apple Mac Os X 10.3.2

  • Apple Mac Os X 10.3.3

  • Apple Mac Os X 10.3.4

  • Apple Mac Os X 10.3.5

  • Apple Mac Os X 10.3.6

  • Apple Mac Os X Server 10.2

  • Apple Mac Os X Server 10.2.1

  • Apple Mac Os X Server 10.2.2

  • Apple Mac Os X Server 10.2.3

  • Apple Mac Os X Server 10.2.4

  • Apple Mac Os X Server 10.2.5

  • Apple Mac Os X Server 10.2.6

  • Apple Mac Os X Server 10.2.7

  • Apple Mac Os X Server 10.2.8

  • Apple Mac Os X Server 10.3

  • Apple Mac Os X Server 10.3.1

  • Apple Mac Os X Server 10.3.2

  • Apple Mac Os X Server 10.3.3

  • Apple Mac Os X Server 10.3.4

  • Apple Mac Os X Server 10.3.5

  • Apple Mac Os X Server 10.3.6

  • Kde 3.2

  • Kde 3.2.1

  • Kde 3.2.2

  • Kde 3.2.3

  • Kde 3.3

  • Kde 3.3.1

  • Mandrakesoft Mandrake Linux 10.0

  • Redhat Enterprise Linux 2.1

  • Redhat Enterprise Linux 3.0

  • Redhat Enterprise Linux Desktop 3.0

  • Redhat Fedora Core Core 2.0

  • Redhat Linux Advanced Workstation 2.1

  • Suse Linux 1.0

  • Suse Linux 8

  • Suse Linux 8.1

  • Suse Linux 8.2

  • Suse Linux 9.0

  • Suse Linux 9.1

  • Trustix Secure Linux 1.5

  • Trustix Secure Linux 2.0

  • Trustix Secure Linux 2.1

Application

  • Libtiff 3.4

  • Libtiff 3.5.1

  • Libtiff 3.5.2

  • Libtiff 3.5.3

  • Libtiff 3.5.4

  • Libtiff 3.5.5

  • Libtiff 3.5.7

  • Libtiff 3.6.0

  • Libtiff 3.6.1

  • Pdflib Pdf Library 5.0.2

  • Wxgtk2 2.5 .0


References

CERT-VN - VU#948752

XF - libtiff-library-decoding-bo(17703)

REDHAT - RHSA-2004:577

DEBIAN - DSA-567

BID - 11406

REDHAT - RHSA-2005:354

REDHAT - RHSA-2005:021

SUSE - SUSE-SA:2004:038

CONFIRM - http://www.kde.org/info/security/advisory-20041209-2.txt

GENTOO - GLSA-200410-11

SUNALERT - 201072

SUNALERT - 101677

SECUNIA - 12818

MISC - http://scary.beasts.org/security/CESA-2004-006.txt

BUGTRAQ - 20041013 CESA-2004-006: libtiff

CONECTIVA - CLA-2004:888

MANDRAKE - MDKSA-2005:052

MANDRAKE - MDKSA-2004:109


Last Updated: 27 May 2016 10:38:46