7.5 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.061 Low
EPSS
Percentile
93.5%
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.
distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000888
marc.info/?l=bugtraq&m=109778785107450&w=2
scary.beasts.org/security/CESA-2004-006.txt
secunia.com/advisories/12818
sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1
sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1
www.debian.org/security/2004/dsa-567
www.gentoo.org/security/en/glsa/glsa-200410-11.xml
www.kb.cert.org/vuls/id/948752
www.kde.org/info/security/advisory-20041209-2.txt
www.mandriva.com/security/advisories?name=MDKSA-2004:109
www.mandriva.com/security/advisories?name=MDKSA-2005:052
www.novell.com/linux/security/advisories/2004_38_libtiff.html
www.redhat.com/support/errata/RHSA-2004-577.html
www.redhat.com/support/errata/RHSA-2005-021.html
www.redhat.com/support/errata/RHSA-2005-354.html
www.securityfocus.com/bid/11406
exchange.xforce.ibmcloud.com/vulnerabilities/17703
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100114
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8896