CVE-2004-1307

9 documents8 sources

Severity

7.5HIGH

EPSS

5.1%

top 10.16%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X Apple MAC OS X Server Avaya Call Management System Server +11 more

Timeline

PublishedDec 21

Latest updateApr 29

Description

Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages15 packages

▶NVDlibtiff/libtiff10 versions+9

▶Debiantiff< 3.7.0+3

▶NVDsun/sunos5.7, 5.8+1

▶NVDsgi/propack3.0

▶NVDsun/solaris4 versions+3

Patches

Patch: lists.apple.com ↗Patch: www.idefense.com ↗Patch: www.kb.cert.org ↗

🔴Vulnerability Details

GHSA

GHSA-j2r4-vwhq-m2gg: Integer overflow in the TIFFFetchStripThing function in tif_dirread↗2022-04-29

▶

CVEList

CVE-2004-1307: Integer overflow in the TIFFFetchStripThing function in tif_dirread↗2005-05-04

▶

OSV

CVE-2004-1307: Integer overflow in the TIFFFetchStripThing function in tif_dirread↗2004-12-21

▶

💥Exploits & PoCs

Exploit-DB

Apple Mac OSX Adobe Version Cue - Local Privilege Escalation↗2004-12-08

▶

Exploit-DB

Star Wars Battlefront 1.1 - Fake Players Denial of Service↗2004-11-24

▶

📋Vendor Advisories

Red Hat

security flaw↗2004-12-21

▶

Debian

CVE-2004-1307: tiff - Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtif...↗2004

▶

💬Community

Bugzilla

CVE-2004-1307 security flaw↗2018-08-16

▶