CVE-2004-0804
published 2004-11-03CVE-2004-0804: Vulnerability in tif_dirread.c for libtiff allows remote attackers to cause a denial of service (application crash) via a TIFF image that causes a…
PriorityP413medium4.3CVSS 2.0
AVNACMAuNCNINAP
EPSS
4.33%
90.0th percentile
Vulnerability in tif_dirread.c for libtiff allows remote attackers to cause a denial of service (application crash) via a TIFF image that causes a divide-by-zero error when the number of row bytes is zero, a different vulnerability than CVE-2005-2452.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | tiff | < tiff 3.6.1-2 (bookworm) | tiff 3.6.1-2 (bookworm) |
| debian | tiff | < tiff 3.7.0-1 (bookworm) | tiff 3.7.0-1 (bookworm) |
| libtiff | libtiff | < 3.7.0 | 3.7.0 |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv4.3MEDIUM
vendor_debian4.3MEDIUM
vendor_redhat4.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-3qc8-39jf-7268: libtiff up to 3
ghsa_unreviewed·2022-05-01·CVSS 4.3
CVE-2005-2452 [MEDIUM] GHSA-3qc8-39jf-7268: libtiff up to 3
libtiff up to 3.7.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image header with a zero "YCbCr subsampling" value, which causes a divide-by-zero error in (1) tif_strip.c and (2) tif_tile.c, a different vulnerability than CVE-2004-0804.
GHSA
GHSA-8mfw-4xw2-v3m5: Vulnerability in tif_dirread
ghsa_unreviewed·2022-04-29·CVSS 5.0
CVE-2004-0804 [MEDIUM] CWE-369 GHSA-8mfw-4xw2-v3m5: Vulnerability in tif_dirread
Vulnerability in tif_dirread.c for libtiff allows remote attackers to cause a denial of service (application crash) via a TIFF image that causes a divide-by-zero error when the number of row bytes is zero, a different vulnerability than CVE-2005-2452.
OSV
CVE-2005-2452: libtiff up to 3
osv·2005-08-03·CVSS 4.3
CVE-2005-2452 [MEDIUM] CVE-2005-2452: libtiff up to 3
libtiff up to 3.7.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image header with a zero "YCbCr subsampling" value, which causes a divide-by-zero error in (1) tif_strip.c and (2) tif_tile.c, a different vulnerability than CVE-2004-0804.
OSV
CVE-2004-0804: Vulnerability in tif_dirread
osv·2004-11-03·CVSS 4.3
CVE-2004-0804 [MEDIUM] CVE-2004-0804: Vulnerability in tif_dirread
Vulnerability in tif_dirread.c for libtiff allows remote attackers to cause a denial of service (application crash) via a TIFF image that causes a divide-by-zero error when the number of row bytes is zero, a different vulnerability than CVE-2005-2452.
Debian
CVE-2005-2452: tiff - libtiff up to 3.7.0 allows remote attackers to cause a denial of service (applic...
vendor_debian·2005·CVSS 4.3
CVE-2005-2452 [MEDIUM] CVE-2005-2452: tiff - libtiff up to 3.7.0 allows remote attackers to cause a denial of service (applic...
libtiff up to 3.7.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image header with a zero "YCbCr subsampling" value, which causes a divide-by-zero error in (1) tif_strip.c and (2) tif_tile.c, a different vulnerability than CVE-2004-0804.
Scope: local
bookworm: resolved (fixed in 3.7.0-1)
bullseye: resolved (fixed in 3.7.0-1)
forky: resolved (fixed in 3.7.0-1)
sid: resolved (fixed in 3.7.0-1)
trixie: resolved (fixed in 3.7.0-1)
Debian
CVE-2004-0804: tiff - Vulnerability in tif_dirread.c for libtiff allows remote attackers to cause a de...
vendor_debian·2004·CVSS 4.3
CVE-2004-0804 [MEDIUM] CVE-2004-0804: tiff - Vulnerability in tif_dirread.c for libtiff allows remote attackers to cause a de...
Vulnerability in tif_dirread.c for libtiff allows remote attackers to cause a denial of service (application crash) via a TIFF image that causes a divide-by-zero error when the number of row bytes is zero, a different vulnerability than CVE-2005-2452.
Scope: local
bookworm: resolved (fixed in 3.6.1-2)
bullseye: resolved (fixed in 3.6.1-2)
forky: resolved (fixed in 3.6.1-2)
sid: resolved (fixed in 3.6.1-2)
trixie: resolved (fixed in 3.6.1-2)
Red Hat
security flaw
vendor_redhat·2002-03-15·CVSS 4.3
CVE-2004-0804 [MEDIUM] security flaw
security flaw
Vulnerability in tif_dirread.c for libtiff allows remote attackers to cause a denial of service (application crash) via a TIFF image that causes a divide-by-zero error when the number of row bytes is zero, a different vulnerability than CVE-2005-2452.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2004-0804 security flaw
bugzilla·2018-08-16·CVSS 4.3
CVE-2004-0804 [MEDIUM] CVE-2004-0804 security flaw
CVE-2004-0804 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Vulnerability in tif_dirread.c for libtiff allows remote attackers to cause a denial of service (application crash) via a TIFF image that causes a divide-by-zero error when the number of row bytes is zero, a different vulnerability than CVE-2005-2452.
Bugzilla
CAN-2004-0803 multiple issues in libtiff (CAN-2004-0804 CAN-2004-0886)
bugzilla·2004-10-29
[MEDIUM] CAN-2004-0803 multiple issues in libtiff (CAN-2004-0804 CAN-2004-0886)
CAN-2004-0803 multiple issues in libtiff (CAN-2004-0804 CAN-2004-0886)
During a source code audit, Chris Evans discovered a number of integer
overflow bugs that affect libtiff. teTeX contains an internal copy of
libtiff. An attacker who has the ability to trick a user into opening
a malicious TIFF file could cause the application linked to libtiff to
crash or possibly execute arbitrary code. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the names
CAN-2004-0886 and CAN-2004-0804 to these issues.
Additionally, a number of buffer overflow bugs that affect libtiff
have been found. teTeX contains an internal copy of libtiff. An
attacker who has the ability to trick a user into opening a malicious
TIFF file could cause the application linked to libtiff to crash
Bugzilla
CAN-2004-0803 CAN-2004-0804 CAN-2004-0886 multiple issues in libtiff
bugzilla·2004-10-29
[MEDIUM] CAN-2004-0803 CAN-2004-0804 CAN-2004-0886 multiple issues in libtiff
CAN-2004-0803 CAN-2004-0804 CAN-2004-0886 multiple issues in libtiff
During a source code audit, Chris Evans discovered a number of integer
overflow bugs that affect libtiff. teTeX contains an internal copy of
libtiff. An attacker who has the ability to trick a user into opening
a malicious TIFF file could cause the application linked to libtiff to
crash or possibly execute arbitrary code. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the names
CAN-2004-0886 and CAN-2004-0804 to these issues.
Additionally, a number of buffer overflow bugs that affect libtiff
have been found. teTeX contains an internal copy of libtiff. An
attacker who has the ability to trick a user into opening a malicious
TIFF file could cause the application linked to libtiff to crash or
http://bugzilla.remotesensing.org/show_bug.cgi?id=111http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000888http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1http://www.debian.org/security/2004/dsa-567http://www.kb.cert.org/vuls/id/555304http://www.kde.org/info/security/advisory-20041209-2.txthttp://www.mandriva.com/security/advisories?name=MDKSA-2004:109http://www.mandriva.com/security/advisories?name=MDKSA-2005:052http://www.novell.com/linux/security/advisories/2004_38_libtiff.htmlhttp://www.redhat.com/support/errata/RHSA-2004-577.htmlhttp://www.redhat.com/support/errata/RHSA-2005-021.htmlhttp://www.redhat.com/support/errata/RHSA-2005-354.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/17755https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100115https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11711http://bugzilla.remotesensing.org/show_bug.cgi?id=111http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000888http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1http://www.debian.org/security/2004/dsa-567http://www.kb.cert.org/vuls/id/555304http://www.kde.org/info/security/advisory-20041209-2.txthttp://www.mandriva.com/security/advisories?name=MDKSA-2004:109http://www.mandriva.com/security/advisories?name=MDKSA-2005:052http://www.novell.com/linux/security/advisories/2004_38_libtiff.htmlhttp://www.redhat.com/support/errata/RHSA-2004-577.htmlhttp://www.redhat.com/support/errata/RHSA-2005-021.htmlhttp://www.redhat.com/support/errata/RHSA-2005-354.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/17755https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100115https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11711
2004-11-03
Published