Vulnerability Note VU#948752
LibTIFF contains multiple heap-based buffer overflows
LibTIFF contains multiple heap-based buffer overflows that may allow an attacker to execute arbitrary code or cause a denial-of-service condition.
LibTIFF is a library used to encode and decode images in Tag Image File Format (TIFF). Multiple LibTIFF routines contain buffer overflow vulnerabilities including, but not necessarily limited to, the following functions:
These issues are the result of insufficient validation of user-supplied data. Consequently, a remote attacker may be able to exploit these vulnerabilities by supplying an application using LibTIFF with a specially crafted TIFF image.
Any program that uses the LibTIFF library may be affected by this issue. Users are encouraged to contact their vendors to determine if they are vulnerable.
Specific impacts depend on the application and LibTIFF routine being attacked. Potential consequences range from abrupt and abnormal program termination to the execution of arbitrary code with the privileges of the compromised program.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Apple Computer Inc.||Affected||01 Nov 2004||01 Dec 2004|
|Debian||Affected||01 Nov 2004||02 Nov 2004|
|NEC Corporation||Not Affected||01 Nov 2004||17 Mar 2005|
|BSDI||Unknown||-||01 Nov 2004|
|Conectiva||Unknown||-||01 Nov 2004|
|Cray Inc.||Unknown||-||01 Nov 2004|
|EMC Corporation||Unknown||-||01 Nov 2004|
|Engarde||Unknown||-||01 Nov 2004|
|F5 Networks||Unknown||-||01 Nov 2004|
|FreeBSD||Unknown||-||01 Nov 2004|
|Fujitsu||Unknown||-||01 Nov 2004|
|Gentoo||Unknown||-||30 Nov 2004|
|Hewlett-Packard Company||Unknown||-||01 Nov 2004|
|Hitachi||Unknown||-||01 Nov 2004|
|IBM||Unknown||-||01 Nov 2004|
CVSS Metrics (Learn More)
This vulnerability was reported by Thierry Carrez and discovered by Chris Evans.
This document was written by Jeff Gennari based on information provided by Gentoo Linux Security Advisory GLSA 200410-11.
- CVE IDs: CAN-2004-0803
- Date Public: 13 Oct 2004
- Date First Published: 01 Dec 2004
- Date Last Updated: 17 Mar 2005
- Severity Metric: 7.42
- Document Revision: 79
If you have feedback, comments, or additional information about this vulnerability, please send us email.