CVE-2004-0803

critical

Description

Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8896

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100114

https://exchange.xforce.ibmcloud.com/vulnerabilities/17703

http://www.securityfocus.com/bid/11406

http://www.redhat.com/support/errata/RHSA-2005-354.html

http://www.redhat.com/support/errata/RHSA-2005-021.html

http://www.redhat.com/support/errata/RHSA-2004-577.html

http://www.novell.com/linux/security/advisories/2004_38_libtiff.html

http://www.mandriva.com/security/advisories?name=MDKSA-2005:052

http://www.mandriva.com/security/advisories?name=MDKSA-2004:109

http://www.kde.org/info/security/advisory-20041209-2.txt

http://www.kb.cert.org/vuls/id/948752

http://www.gentoo.org/security/en/glsa/glsa-200410-11.xml

http://www.debian.org/security/2004/dsa-567

http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1

http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1

http://secunia.com/advisories/12818

http://scary.beasts.org/security/CESA-2004-006.txt

http://marc.info/?l=bugtraq&m=109778785107450&w=2

http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000888

Details

Source: Mitre, NVD

Published: 2004-12-23

Updated: 2017-10-11

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

Detections

Analytics