CVE-2004-1183
published 2005-01-06CVE-2004-1183: Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly…
PriorityP423medium5.1CVSS 2.0
AVNACHAuNCPIPAP
EPSS
3.88%
88.9th percentile
Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF file.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | tiff | < tiff 3.6.1-5 (bookworm) | tiff 3.6.1-5 (bookworm) |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
| libtiff | libtiff | — | — |
CVSS provenance
nvdv2.05.1MEDIUMAV:N/AC:H/Au:N/C:P/I:P/A:P
osv5.1MEDIUM
vendor_debian5.1MEDIUM
vendor_redhat5.1MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-hq62-22vf-mhg5: Integer overflow in the tiffdump utility for libtiff 3
ghsa_unreviewed·2022-04-29
CVE-2004-1183 [MEDIUM] GHSA-hq62-22vf-mhg5: Integer overflow in the tiffdump utility for libtiff 3
Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF file.
OSV
CVE-2004-1183: Integer overflow in the tiffdump utility for libtiff 3
osv·2005-01-06·CVSS 5.1
CVE-2004-1183 [MEDIUM] CVE-2004-1183: Integer overflow in the tiffdump utility for libtiff 3
Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF file.
Ubuntu
TIFF library tool vulnerability
vendor_ubuntu·2005-01-07
CVE-2004-1183 TIFF library tool vulnerability
Title: TIFF library tool vulnerability
Summary: TIFF library tool vulnerability
Dmitry V. Levin discovered a buffer overflow in the "tiffdump"
utility. If an attacker tricked a user into processing a malicious
TIFF image with tiffdump, they could cause a buffer overflow which at
least causes the program to crash. However, it is not entirely clear
whether this can be exploited to execute arbitrary code with the
privileges of the user opening the image.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
security flaw
vendor_redhat·2005-01-05·CVSS 5.1
CVE-2004-1183 [MEDIUM] security flaw
security flaw
Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF file.
Debian
CVE-2004-1183: tiff - Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier allows re...
vendor_debian·2004·CVSS 5.1
CVE-2004-1183 [MEDIUM] CVE-2004-1183: tiff - Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier allows re...
Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF file.
Scope: local
bookworm: resolved (fixed in 3.6.1-5)
bullseye: resolved (fixed in 3.6.1-5)
forky: resolved (fixed in 3.6.1-5)
sid: resolved (fixed in 3.6.1-5)
trixie: resolved (fixed in 3.6.1-5)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2004-1183 security flaw
bugzilla·2018-08-16·CVSS 5.1
CVE-2004-1183 [MEDIUM] CVE-2004-1183 security flaw
CVE-2004-1183 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF file.
Bugzilla
CVE-2004-1183 libtiff: tiffdump integer overflow
bugzilla·2004-12-22·CVSS 5.1
CVE-2004-1183 [MEDIUM] CVE-2004-1183 libtiff: tiffdump integer overflow
CVE-2004-1183 libtiff: tiffdump integer overflow
Dmitry V. Levin has reported to vendor-sec an issue with tiffdump.
The issue appears to be an integer overflow which could lead to a
buffer overflow.
There is no patch yet. More work is being done on this issue. I'll
post more information when it's available.
This issue should also affect RHEL2.1
Discussion:
attachment 109026
contains a demo image file to exploit this issue.
---
Can we get this update into RHSA-2004:698
This issue is sort of embargoed now. It's not technically private,
but it seems vendors may be willing to hold off on updates for a bit.
It seems additional work is not being done on this issue.
---
Created attachment 109325
Proposed patch for this issue.
---
Build libtiff-3.5.5-19 (RHEL-2.1) and libtiff-3.5.7-22.
Bugzilla
libtiff integer overflow.
bugzilla·2004-12-22
[LOW] libtiff integer overflow.
libtiff integer overflow.
Dmitry V. Levin has reported to vendor-sec an issue with tiffdump.
The issue appears to be an integer overflow which could lead to a
buffer overflow.
There is no patch yet. More work is being done on this issue. I'll
post more information when it's available.
This issue should also affect FC2
Discussion:
Created attachment 109026
Demo exploit image.
---
Removing embargo
---
Does this bugzilla entry relate to CVE CAN=2004-1183?
Has this issue been fixed by Fedora Update Notification
FEDORA-2005-597
and
FEDORA-2005-598
<http://www.redhat.com/archives/fedora-announce-list/2005-January/msg00024.html?
??
---
Yes it does. If you look closely, the changelog mentions this bug.
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000920http://marc.info/?l=bugtraq&m=110503635113419&w=2http://secunia.com/advisories/13728/http://secunia.com/advisories/13776http://security.gentoo.org/glsa/glsa-200501-06.xmlhttp://www.debian.org/security/2004/dsa-626http://www.mandriva.com/security/advisories?name=MDKSA-2005:001http://www.mandriva.com/security/advisories?name=MDKSA-2005:002http://www.mandriva.com/security/advisories?name=MDKSA-2005:052http://www.novell.com/linux/security/advisories/2005_01_libtiff_tiff.htmlhttp://www.redhat.com/support/errata/RHSA-2005-019.htmlhttp://www.redhat.com/support/errata/RHSA-2005-035.htmlhttp://www.securityfocus.com/bid/12173https://exchange.xforce.ibmcloud.com/vulnerabilities/18782https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9743http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000920http://marc.info/?l=bugtraq&m=110503635113419&w=2http://secunia.com/advisories/13728/http://secunia.com/advisories/13776http://security.gentoo.org/glsa/glsa-200501-06.xmlhttp://www.debian.org/security/2004/dsa-626http://www.mandriva.com/security/advisories?name=MDKSA-2005:001http://www.mandriva.com/security/advisories?name=MDKSA-2005:002http://www.mandriva.com/security/advisories?name=MDKSA-2005:052http://www.novell.com/linux/security/advisories/2005_01_libtiff_tiff.htmlhttp://www.redhat.com/support/errata/RHSA-2005-019.htmlhttp://www.redhat.com/support/errata/RHSA-2005-035.htmlhttp://www.securityfocus.com/bid/12173https://exchange.xforce.ibmcloud.com/vulnerabilities/18782https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9743
2005-01-06
Published