2 matches found
CVE-2004-1307
CVE-2004-1307 describes a heap-based buffer overflow in libtiff 3.6.1 triggered by a TIFF file using the STRIPOFFSETS flag with many strips, due to an overflow in TIFFFetchStripThing in tif_dirread.c. The vulnerability could allow remote code execution as a result of processing crafted TIFF files...
CVE-2004-1307
Integer overflow in the TIFFFetchStripThing function in tifdirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overfl...