Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1183

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2004-1183
Last Modified 21 Aug 2010 12:21:59
Published 06 Jan 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2004-1183

Summary

Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF file.

Vulnerable Systems

Application

  • Libtiff 3.4

  • Libtiff 3.5.1

  • Libtiff 3.5.2

  • Libtiff 3.5.3

  • Libtiff 3.5.4

  • Libtiff 3.5.5

  • Libtiff 3.5.6

  • Libtiff 3.5.7

  • Libtiff 3.6.0

  • Libtiff 3.6.1

  • Libtiff 3.7.0

  • Libtiff 3.7.1


References

SUSE - SUSE-SA:2005:001

GENTOO - GLSA-200501-06

BUGTRAQ - 20050106 [USN-54-1] TIFF library tool vulnerability

XF - libtiff-tiffdump-bo(18782)

REDHAT - RHSA-2005:035

REDHAT - RHSA-2005:019

SECUNIA - 13728

CONECTIVA - CLA-2005:920

BID - 12173

MANDRAKE - MDKSA-2005:052

MANDRAKE - MDKSA-2005:002

MANDRAKE - MDKSA-2005:001

SECUNIA - 13776


Last Updated: 27 May 2016 10:38:56