← voltar
CVE-2004-1308

CVE-2004-1308

EPSS 15.0%
Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff 3.5.7 and 3.7.0 allows remote attackers to execute arbitrary code via a TIFF file containing a TIFF_ASCII or TIFF_UNDEFINED directory entry with a -1 entry count, which leads to a heap-based buffer overflow.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000920http://lists.apple.com/archives/security-announce/2005/May/msg00001.htmlhttp://secunia.com/advisories/13776https://exchange.xforce.ibmcloud.com/vulnerabilities/18637https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100117https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9392http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1http://www.debian.org/security/2004/dsa-617http://www.idefense.com/application/poi/display?id=174&type=vulnerabilitieshttp://www.kb.cert.org/vuls/id/125598http://www.mandriva.com/security/advisories?name=MDKSA-2005:052