CVE-2004-1307

Published: 21/12/2004 Updated: 30/10/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote malicious users to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.

Vulnerable Product

avaya call management system server 13.0

avaya call management system server 8.0

f5 icontrol service manager 1.3

f5 icontrol service manager 1.3.4

libtiff libtiff 3.5.4

libtiff libtiff 3.5.5

conectiva linux 9.0

avaya call management system server 11.0

avaya call management system server 12.0

avaya interactive response 1.3

avaya intuity audix lx

libtiff libtiff 3.5.2

libtiff libtiff 3.5.3

sgi propack 3.0

conectiva linux 10.0

avaya integrated management

avaya interactive response

avaya interactive response 1.2.1

libtiff libtiff 3.4

libtiff libtiff 3.5.1

libtiff libtiff 3.6.1

libtiff libtiff 3.7.0

avaya call management system server 9.0

avaya cvlan

f5 icontrol service manager 1.3.5

f5 icontrol service manager 1.3.6

libtiff libtiff 3.5.7

libtiff libtiff 3.6.0

apple mac os x 10.3.6

apple mac os x 10.3.7

apple mac os x server 10.3.4

apple mac os x server 10.3.5

gentoo linux

mandrakesoft mandrake linux 10.0

sun solaris 10.0

sun sunos 5.7

apple mac os x 10.3.4

apple mac os x 10.3.5

apple mac os x server 10.3.2

apple mac os x server 10.3.3

avaya modular messaging message storage server 1.1

avaya modular messaging message storage server 2.0

apple mac os x 10.3.2

apple mac os x 10.3.3

apple mac os x server 10.3

apple mac os x server 10.3.1

apple mac os x server 10.3.8

apple mac os x server 10.3.9

mandrakesoft mandrake linux corporate server 3.0

sun solaris 8.0

sun solaris 9.0

sco unixware 7.1.4

avaya mn100

apple mac os x 10.3

apple mac os x 10.3.1

apple mac os x 10.3.8

apple mac os x 10.3.9

apple mac os x server 10.3.6

apple mac os x server 10.3.7

mandrakesoft mandrake linux 10.1

sun solaris 7.0

sun sunos 5.8

Vendor Advisories

Synopsis: kdegraphics security update
Type/Severity: Security Advisory: Moderate
Topic: Updated kdegraphics packages that resolve multiple security issues in kfax are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.
Description: The ...

Synopsis: libtiff security update
Type/Severity: Security Advisory: Important
Topic: Updated libtiff packages that fix various buffer and integer overflows are now available.
Description: The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image fo ...