5.1

CVE-2004-1183

Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LibtiffLibtiff Version3.4
LibtiffLibtiff Version3.5.1
LibtiffLibtiff Version3.5.2
LibtiffLibtiff Version3.5.3
LibtiffLibtiff Version3.5.4
LibtiffLibtiff Version3.5.5
LibtiffLibtiff Version3.5.6
LibtiffLibtiff Version3.5.7
LibtiffLibtiff Version3.6.0
LibtiffLibtiff Version3.6.1
LibtiffLibtiff Version3.7.0
LibtiffLibtiff Version3.7.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.88% 0.888
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.1 4.9 6.4
AV:N/AC:H/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.mandriva.com/security/advisories?name=MDKSA-2005:052
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000920
http://marc.info/?l=bugtraq&m=110503635113419&w=2
http://secunia.com/advisories/13728/
http://secunia.com/advisories/13776
http://security.gentoo.org/glsa/glsa-200501-06.xml
Patch
http://www.debian.org/security/2004/dsa-626
http://www.mandriva.com/security/advisories?name=MDKSA-2005:001
http://www.mandriva.com/security/advisories?name=MDKSA-2005:002
http://www.novell.com/linux/security/advisories/2005_01_libtiff_tiff.html
Patch
http://www.redhat.com/support/errata/RHSA-2005-019.html
http://www.redhat.com/support/errata/RHSA-2005-035.html
http://www.securityfocus.com/bid/12173
https://exchange.xforce.ibmcloud.com/vulnerabilities/18782
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9743