7.5
CVE-2004-1307
- EPSS 5.11%
- Published 21.12.2004 05:00:00
- Last modified 03.04.2025 01:03:51
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.
Data is provided by the National Vulnerability Database (NVD)
Avaya ≫ Call Management System Server Version8.0
Avaya ≫ Call Management System Server Version9.0
Avaya ≫ Call Management System Server Version11.0
Avaya ≫ Call Management System Server Version12.0
Avaya ≫ Call Management System Server Version13.0
Avaya ≫ Interactive Response Version1.2.1
Avaya ≫ Interactive Response Version1.3
F5 ≫ Icontrol Service Manager Version1.3
F5 ≫ Icontrol Service Manager Version1.3.4
F5 ≫ Icontrol Service Manager Version1.3.5
F5 ≫ Icontrol Service Manager Version1.3.6
Apple ≫ macOS X Server Version10.3
Apple ≫ macOS X Server Version10.3.1
Apple ≫ macOS X Server Version10.3.2
Apple ≫ macOS X Server Version10.3.3
Apple ≫ macOS X Server Version10.3.4
Apple ≫ macOS X Server Version10.3.5
Apple ≫ macOS X Server Version10.3.6
Apple ≫ macOS X Server Version10.3.7
Apple ≫ macOS X Server Version10.3.8
Apple ≫ macOS X Server Version10.3.9
Avaya ≫ Modular Messaging Message Storage Server Version1.1
Avaya ≫ Modular Messaging Message Storage Server Version2.0
Mandrakesoft ≫ Mandrake Linux Version10.0
Mandrakesoft ≫ Mandrake Linux Version10.0 Editionamd64
Mandrakesoft ≫ Mandrake Linux Version10.1
Mandrakesoft ≫ Mandrake Linux Version10.1 Editionx86_64
Mandrakesoft ≫ Mandrake Linux Corporate Server Version3.0
Mandrakesoft ≫ Mandrake Linux Corporate Server Version3.0 Editionx86_64
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 5.11% | 0.888 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|