Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
certCERTVU:125598
HistoryJan 11, 2005 - 12:00 a.m.

LibTIFF vulnerable to integer overflow via corrupted directory entry count

2005-01-1100:00:00
www.kb.cert.org
18

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.129 Low

EPSS

Percentile

95.5%

JSON

Overview

An integer overflow in LibTIFF may allow a remote attacker to execute arbitrary code.

Description

LibTIFF is a library used to encode and decode images in Tag Image File Format (TIFF). A lack of validation on user supplied input may allow buffer overflow to occur. TIFF files contain directory entry header fields to describe the data in the file. If a remote attacker creates a TIFF file with specially crafted directory headers and persuades a user to access that file, an integer overflow will occur that may eventually lead to a heap-based buffer overflow.

Impact

If a remote attacker can persuade a user to access a specially crafted TIFF image, that attacker may be able to execute arbitrary code with the privileges of that user.

Solution

Upgrade or Patch

This issue has been corrected in LibTIFF version 3.7.1. Obtain a patch or upgraded software from your vendor. Recompile statically linked applications.

Do Not Accept TIFF Files from Unknown or Untrusted Sources

Exploitation occurs by accessing a specially crafted TIFF file (typically .tiff or .tif extension). By only accessing TIFF files from trusted or known sources, the chances of exploitation are reduced.

Vendor Information

125598

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

Apple Computer Inc. __ Affected

Notified: January 11, 2005 Updated: May 05, 2005

Status

Affected

Vendor Statement

This is addressed in Security Update 2005-005. Further information is available at:

<http://docs.info.apple.com/article.html?artnum=301528&gt;.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

Debian __ Affected

Notified: January 11, 2005 Updated: January 11, 2005

Status

Affected

Vendor Statement

Debian GNU/Linux was vulnerable to this problem and has issued an advisory with updated packages: DSA 617[1]. Another vulnerability has been discovered by Dmitry Levin which has been fixed in DSA 626 and has CAN-2004-1183 assigned as unique vulnerability identifier.

For the stable distribution (woody) these problems have been fixed in version 3.5.5-6.woody5.

For the unstable distribution (sid) these problems have been fixed in version 3.6.1-5.

Links:

1. <http://www.debian.org/security/2004/dsa-617&gt;
2. <http://www.debian.org/security/2005/dsa-626&gt;

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

<http://www.debian.org/security/2004/dsa-617&gt;

FreeBSD __ Affected

Notified: January 11, 2005 Updated: January 11, 2005

Status

Affected

Vendor Statement

libtiff and other software incorporating libtiff is available in the FreeBSD Ports Collection. Please see

<http://vuxml.freebsd.org/fc7e6a42-6012-11d9-a9e7-0001020eed82.html&gt;
for details regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

<http://vuxml.freebsd.org/fc7e6a42-6012-11d9-a9e7-0001020eed82.html&gt;

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

Red Hat Inc. __ Affected

Notified: January 11, 2005 Updated: January 19, 2005

Status

Affected

Vendor Statement

Red Hat Enterprise Linux ships with a LibTIFF package vulnerable to this issues. New LibTiff packages are now available along with our advisory at the URLs below and by using the Red Hat Network ‘up2date’ tool.

Red Hat Enterprise Linux (2.1 3):

<http://rhn.redhat.com/errata/RHSA-2005-019.html&gt;

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

NEC Corporation __ Not Affected

Notified: January 11, 2005 Updated: March 17, 2005

Status

Not Affected

Vendor Statement

NEC products are NOT susceptible to this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

NetBSD __ Not Affected

Notified: January 11, 2005 Updated: January 13, 2005

Status

Not Affected

Vendor Statement

NetBSD does not include libtiff in the Operating System release.

It is available as a third-party package in the pkgsrc system, and was updated to 3.7.1 when the release first became public. A number of graphical programs and desktop environments in pkgsrc depend on libtiff, and so it may well have been installed as part of building another package.

Known vulnerabilities in third-party pkgsrc packages are published in the pkg-vulnerabilities database. NetBSD recommends that users check installed packages against this database regularly using the tools in the security/audit-packages package.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

Connectiva __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

Cray Inc. __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

EMC Corporation __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

Engarde __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

F5 Networks __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

Fujitsu __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

Hewlett-Packard Company __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

Hitachi __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

IBM __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

IBM eServer __ Unknown

Notified: January 11, 2005 Updated: January 13, 2005

Status

Unknown

Vendor Statement

For information related to this and other published CERT Advisories that may relate to the IBM eServer Platforms (xSeries, iSeries, pSeries, and zSeries) please go to

https://app-06.www.ibm.com/servers/resourcelink/lib03020.nsf/pages/securityalerts?OpenDocument&pathID=
In order to access this information you will require a Resource Link ID. To subscribe to Resource Link go to

<http://app-06.www.ibm.com/servers/resourcelink&gt;
and follow the steps for registration.

All questions should be refferred to [email protected].

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

IBM-zSeries __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

Immunix __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

Ingrian Networks __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

Juniper Networks __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

MandrakeSoft __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

Microsoft Corporation __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

MontaVista Software __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

Nokia __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

Novell __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

OpenBSD __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

Openwall GNU/*/Linux __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

SCO-LINUX __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

SCO-UNIX __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

SGI __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

Sequent __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

Sony Corporation __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

SuSE Inc. __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

Sun Microsystems Inc. __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

TurboLinux __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

Unisys __ Unknown

Notified: January 11, 2005 Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

Wind River Systems Inc. __ Unknown

Updated: January 11, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23125598 Feedback>).

View all 37 vendors __View less vendors __

CVSS Metrics

Group Score Vector
Base
Temporal
Environmental

References

Acknowledgements

This vulnerability was reported by iDefense.

This document was written by Jeff Gennari.

Other Information

CVE IDs: CVE-2004-1308
Severity Metric: 7.75 Date Public:

Related

nessus 18
openvas 20
gentoo 1
suse 1
redhat 3
securityvulns 2
ubuntucve 2
ubuntu 2
debiancve 2
cvelist 2
debian 4
freebsd 2
cve 2
osv 2
centos 2
cert 1
nessus
nessus
SUSE-SA:2005:001: libtiff/tiff
2005-02-03 00:00:00
RHEL 2.1 / 3 : libtiff (RHSA-2005:019)
2005-01-13 00:00:00
GLSA-200501-06 : tiff: New overflows in image decoding
2005-02-14 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200501-06 (tiff)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200501-06 (tiff)
2008-09-24 00:00:00
Ubuntu: Security Advisory (USN-46-1)
2022-08-26 00:00:00
gentoo
gentoo
tiff: New overflows in image decoding
2005-01-05 00:00:00
suse
suse
remote system compromise in libtiff/tiff
2005-01-10 10:35:29
redhat
redhat
(RHSA-2005:035) libtiff security update
2005-02-15 00:00:00
(RHSA-2005:019) libtiff security update
2005-01-13 00:00:00
(RHSA-2005:021) kdegraphics security update
2005-04-12 00:00:00
securityvulns
securityvulns
[ GLSA 200501-06 ] tiff: New overflows in image decoding
2005-01-06 00:00:00
US-CERT Technical Cyber Security Alert TA05-136A -- Apple Mac OS X is affected by multiple vulnerabilities
2005-05-17 00:00:00
ubuntucve
ubuntucve
CVE-2004-1308
2005-01-10 00:00:00
CVE-2004-1183
2005-01-06 00:00:00
ubuntu
ubuntu
TIFF library vulnerability
2004-12-22 00:00:00
TIFF library tool vulnerability
2005-01-07 00:00:00
debiancve
debiancve
CVE-2004-1308
2005-01-10 05:00:00
CVE-2004-1183
2005-01-06 05:00:00
cvelist
cvelist
CVE-2004-1308
2004-12-22 05:00:00
CVE-2004-1183
2005-01-19 05:00:00
debian
debian
[SECURITY] [DSA 617-1] New libtiff packages fix arbitrary code execution
2004-12-24 00:00:00
[SECURITY] [DSA 626-1] New tiff packages fix denial of service
2005-01-06 00:00:00
[SECURITY] [DSA 617-1] New libtiff packages fix arbitrary code execution
2004-12-24 14:15:44
freebsd
freebsd
tiff -- directory entry count integer overflow vulnerability
2004-12-17 00:00:00
tiff -- tiffdump integer overflow vulnerability
2005-01-06 00:00:00
cve
cve
CVE-2004-1308
2005-01-10 05:00:00
CVE-2004-1183
2005-01-06 05:00:00
osv
osv
tiff - unsanitised input
2005-01-06 00:00:00
libtiff - insufficient input validation
2004-12-24 00:00:00
centos
centos
kdegraphics security update
2005-04-12 16:01:20
kdegraphics security update
2005-04-12 23:05:10
cert
cert
LibTIFF vulnerable to integer overflow in the TIFFFetchStrip() routine
2005-01-20 00:00:00

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.129 Low

EPSS

Percentile

95.5%

JSON
Related for VU:125598
nessus18openvas20gentoo1suse1redhat3securityvulns2ubuntucve2ubuntu2debiancve2cvelist2debian4freebsd2cve2osv2centos2cert1