Lucene search

[email protected]NVD:CVE-2004-0803

HistoryDec 23, 2004 - 5:00 a.m.

CVE-2004-0803

2004-12-2305:00:00

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.061 Low

EPSS

Percentile

93.6%

JSON

Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.

Affected configurations

NVD

Node

libtifflibtiffMatch3.4

libtifflibtiffMatch3.5.1

libtifflibtiffMatch3.5.2

libtifflibtiffMatch3.5.3

libtifflibtiffMatch3.5.4

libtifflibtiffMatch3.5.5

libtifflibtiffMatch3.5.7

libtifflibtiffMatch3.6.0

libtifflibtiffMatch3.6.1

pdflibpdf_libraryMatch5.0.2

wxgtk2wxgtk2Match2.5_.0

Node

applemac_os_xMatch10.2

applemac_os_xMatch10.2.1

applemac_os_xMatch10.2.2

applemac_os_xMatch10.2.3

applemac_os_xMatch10.2.4

applemac_os_xMatch10.2.5

applemac_os_xMatch10.2.6

applemac_os_xMatch10.2.7

applemac_os_xMatch10.2.8

applemac_os_xMatch10.3

applemac_os_xMatch10.3.1

applemac_os_xMatch10.3.2

applemac_os_xMatch10.3.3

applemac_os_xMatch10.3.4

applemac_os_xMatch10.3.5

applemac_os_xMatch10.3.6

applemac_os_x_serverMatch10.2

applemac_os_x_serverMatch10.2.1

applemac_os_x_serverMatch10.2.2

applemac_os_x_serverMatch10.2.3

applemac_os_x_serverMatch10.2.4

applemac_os_x_serverMatch10.2.5

applemac_os_x_serverMatch10.2.6

applemac_os_x_serverMatch10.2.7

applemac_os_x_serverMatch10.2.8

applemac_os_x_serverMatch10.3

applemac_os_x_serverMatch10.3.1

applemac_os_x_serverMatch10.3.2

applemac_os_x_serverMatch10.3.3

applemac_os_x_serverMatch10.3.4

applemac_os_x_serverMatch10.3.5

applemac_os_x_serverMatch10.3.6

kdekdeMatch3.2

kdekdeMatch3.2.1

kdekdeMatch3.2.2

kdekdeMatch3.2.3

kdekdeMatch3.3

kdekdeMatch3.3.1

mandrakesoftmandrake_linuxMatch10.0

mandrakesoftmandrake_linuxMatch10.0amd64

redhatenterprise_linuxMatch2.1advanced_server

redhatenterprise_linuxMatch2.1advanced_server_ia64

redhatenterprise_linuxMatch2.1enterprise_server

redhatenterprise_linuxMatch2.1enterprise_server_ia64

redhatenterprise_linuxMatch2.1workstation

redhatenterprise_linuxMatch2.1workstation_ia64

redhatenterprise_linuxMatch3.0advanced_servers

redhatenterprise_linuxMatch3.0enterprise_server

redhatenterprise_linuxMatch3.0workstation

redhatenterprise_linux_desktopMatch3.0

redhatfedora_coreMatchcore_2.0

redhatlinux_advanced_workstationMatch2.1ia64

redhatlinux_advanced_workstationMatch2.1itanium_processor

susesuse_linuxMatch1.0desktop

susesuse_linuxMatch8enterprise_server

susesuse_linuxMatch8.1

susesuse_linuxMatch8.2

susesuse_linuxMatch9.0

susesuse_linuxMatch9.0enterprise_server

susesuse_linuxMatch9.1

trustixsecure_linuxMatch1.5

trustixsecure_linuxMatch2.0

trustixsecure_linuxMatch2.1

References

distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000888

marc.info/?l=bugtraq&m=109778785107450&w=2

scary.beasts.org/security/CESA-2004-006.txt

secunia.com/advisories/12818

sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1

sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1

www.debian.org/security/2004/dsa-567

www.gentoo.org/security/en/glsa/glsa-200410-11.xml

www.kb.cert.org/vuls/id/948752

www.kde.org/info/security/advisory-20041209-2.txt

www.mandriva.com/security/advisories?name=MDKSA-2004:109

www.mandriva.com/security/advisories?name=MDKSA-2005:052

www.novell.com/linux/security/advisories/2004_38_libtiff.html

www.redhat.com/support/errata/RHSA-2004-577.html

www.redhat.com/support/errata/RHSA-2005-021.html

www.redhat.com/support/errata/RHSA-2005-354.html

www.securityfocus.com/bid/11406

exchange.xforce.ibmcloud.com/vulnerabilities/17703

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100114

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8896

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.061 Low

EPSS

Percentile

93.6%

JSON

Related for NVD:CVE-2004-0803

gentoo3 freebsd1 openvas22 securityvulns4 cve1 debiancve1 cvelist1 nessus19 ubuntucve1 debian2 osv1 cert4 slackware1 redhat3 centos3 suse2