Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
certCERTVU:687568
HistoryDec 01, 2004 - 12:00 a.m.

LibTIFF contains multiple integer overflows

2004-12-0100:00:00
www.kb.cert.org
35

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.114 Low

EPSS

Percentile

95.3%

JSON

Overview

Multiple integer overflows in the LibTIFF library may allow an attacker to execute arbitrary code.

Description

LibTIFF is a library used to encode and decode images in Tag Image File Format (TIFF) format. A number of potential integer overflow errors exist in the LibTIFF library. A lack of input validation on user-controlled data may allow a remote attacker to manipulate calls to the malloc() routine.

One instance of these vulnerabilities is in the TIFFFetchStripThing()routine within the tif_dirread.c file. A lack of validation on data specifying the size of an TIFF image may allow a remote attacker to manipulte malloc()to create a buffer with insufficient size. When data is copied to this under-sized buffer, a heap-based buffer overflow may occur. In order to exploit this specific attack vector, an attacker must craft a TIFF image with the STRIPOFFSETS flag set.

Please note that other routines may be vulnerable. In addition, any application that uses the LibTIFF library may be affected by this issue. Users are encouraged to contact their vendors to determine if they are vulnerable.

Impact

Depending on the application being used and the attack vector being exploited, potential consequences range from a denial-of-service condition to the execution of arbitrary code with the privileges of the LibTIFF process.

Solution

Apply Patch

Patch or upgrade as specified by your vendor. Users who suspect they are vulnerable are encouraged to check with their vendor to determine the appropriate action to take.

Vendor Information

687568

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

Apple Computer Inc. Affected

Notified: November 01, 2004 Updated: December 01, 2004

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

Hitachi __ Not Affected

Notified: November 01, 2004 Updated: December 01, 2004

Status

Not Affected

Vendor Statement

Hitachi HI-UX/WE2 is NOT Vulenrable to this issue.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

NEC Corporation __ Not Affected

Notified: November 01, 2004 Updated: March 17, 2005

Status

Not Affected

Vendor Statement

NEC products are NOT susceptible to this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

BSDI Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

Conectiva Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

Cray Inc. Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

Debian __ Unknown

Notified: November 01, 2004 Updated: November 02, 2004

Status

Unknown

Vendor Statement

Debian GNU/Linux was vulnerable to these problems. The update has been part of DSA 567-1 which was released on October 15th.

For the stable distribution (woody) these problems have been fixed in version 3.5.5-6woody1.

For the unstable distribution (sid) these problems have been fixed in version 3.6.1-2.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

EMC Corporation Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

Engarde Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

F5 Networks Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

FreeBSD Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

Fujitsu Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

Hewlett-Packard Company Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

IBM Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

IBM eServer Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

IBM-zSeries Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

Immunix Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

Ingrian Networks Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

Juniper Networks Unknown

Notified: November 01, 2004 Updated: December 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

MandrakeSoft Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

MontaVista Software Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

NETBSD Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

Nokia Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

Novell Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

OpenBSD Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

Openwall GNU/*/Linux Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

Red Hat Inc. __ Unknown

Notified: November 01, 2004 Updated: November 01, 2004

Status

Unknown

Vendor Statement

For VU#687568 please see <https://rhn.redhat.com/cve/CAN-2004-0886.html&gt;.

For VU#555304 please see <https://rhn.redhat.com/cve/CAN-2004-0804.html&gt;.

For VU#948752 please see <https://rhn.redhat.com/cve/CAN-2004-0803.html&gt;.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

SCO Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

SGI Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

Sequent Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

Sony Corporation Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

SuSE Inc. Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

Sun Microsystems Inc. Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

TurboLinux Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

Unisys Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

Wind River Systems Inc. Unknown

Updated: November 01, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23687568 Feedback>).

View all 36 vendors __View less vendors __

CVSS Metrics

Group Score Vector
Base
Temporal
Environmental

References

Acknowledgements

This vulnerability was reported in Secunia Security Advisory SA12818.Secunia credits Matthias Clasen for providing information regarding this vulnerability.

This document was written by Jeff Gennari.

Other Information

CVE IDs: CVE-2004-0886
Severity Metric: 10.33 Date Public:

Related

debian 2
osv 1
nessus 22
cert 3
gentoo 3
slackware 1
openvas 26
securityvulns 4
redhat 3
centos 3
suse 2
freebsd 3
cve 4
ubuntucve 4
debiancve 4
nvd 4
cvelist 4
debian
debian
[SECURITY] [DSA 567-1] New libtiff packages fix remote code execution
2004-10-15 17:51:16
[SECURITY] [DSA 567-1] New libtiff packages fix remote code execution
2004-10-15 17:51:16
osv
osv
tiff - heap overflows
2004-10-15 00:00:00
nessus
nessus
Mandrake Linux Security Advisory : libtiff (MDKSA-2004:109)
2004-10-20 00:00:00
GLSA-200412-02 : PDFlib: Multiple overflows in the included TIFF library
2004-12-05 00:00:00
Mandrake Linux Security Advisory : wxGTK2 (MDKSA-2004:111)
2007-02-18 00:00:00
cert
cert
LibTIFF contains multiple heap-based buffer overflows
2004-12-01 00:00:00
LibTIFF vulnerable to denial-of-service condition
2004-12-01 00:00:00
LibTIFF vulnerable to integer overflow in the TIFFFetchStrip() routine
2005-01-20 00:00:00
gentoo
gentoo
kfax: Multiple overflows in the included TIFF library
2004-12-19 00:00:00
PDFlib: Multiple overflows in the included TIFF library
2004-12-05 00:00:00
tiff: Buffer overflows in image decoding
2004-10-13 00:00:00
slackware
slackware
[slackware-security] libtiff
2004-11-01 08:00:50
openvas
openvas
Gentoo Security Advisory GLSA 200412-02 (PDFlib)
2008-09-24 00:00:00
Debian Security Advisory DSA 567-1 (tiff)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200412-02 (PDFlib)
2008-09-24 00:00:00
securityvulns
securityvulns
KDE Security Advisory: kfax libtiff vulnerabilities
2004-12-10 00:00:00
[Full-Disclosure] [ GLSA 200412-02 ] PDFlib: Multiple overflows in the included TIFF library
2004-12-06 00:00:00
MDKSA-2004:111 - Updated wxGTK2 packages fix vulnerabilities
2004-10-22 00:00:00
redhat
redhat
(RHSA-2004:577) libtiff security update
2004-10-22 00:00:00
(RHSA-2005:021) kdegraphics security update
2005-04-12 00:00:00
(RHSA-2005:354) tetex security update
2005-04-01 00:00:00
centos
centos
kdegraphics security update
2005-04-12 23:05:10
tetex security update
2005-04-01 21:29:55
kdegraphics security update
2005-04-12 16:01:20
suse
suse
local privilege escalation in libtiff
2004-10-22 14:52:41
remote denial of service in kernel
2004-10-21 07:52:50
freebsd
freebsd
tiff -- multiple integer overflows
2004-10-13 00:00:00
tiff -- RLE decoder heap overflows
2004-10-13 00:00:00
tiff -- divide-by-zero denial-of-service
2002-03-27 00:00:00
cve
cve
CVE-2004-0886
2005-01-27 05:00:00
CVE-2004-0803
2004-12-23 05:00:00
CVE-2005-2452
2005-08-03 04:00:00
ubuntucve
ubuntucve
CVE-2004-0886
2005-01-27 00:00:00
CVE-2004-0803
2004-12-23 00:00:00
CVE-2004-0804
2004-11-03 00:00:00
debiancve
debiancve
CVE-2004-0886
2005-01-27 05:00:00
CVE-2004-0803
2004-12-23 05:00:00
CVE-2004-0804
2004-11-03 05:00:00
nvd
nvd
CVE-2004-0886
2005-01-27 05:00:00
CVE-2004-0803
2004-12-23 05:00:00
CVE-2005-2452
2005-08-03 04:00:00
cvelist
cvelist
CVE-2004-0886
2004-10-26 04:00:00
CVE-2004-0803
2004-10-26 04:00:00
CVE-2005-2452
2005-08-03 04:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.114 Low

EPSS

Percentile

95.3%

JSON
Related for VU:687568
debian2osv1nessus22cert3gentoo3slackware1openvas26securityvulns4redhat3centos3suse2freebsd3cve4ubuntucve4debiancve4nvd4cvelist4