|
|
CVE Reference: CVE-2004-1307 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2004-1307 |
|
|
Description: Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. |
|
|
CVE Status: Candidate |
|
|
References: SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11175 IDEFENSE http://www.idefense.com/application/poi/display?id=173&type=vulnerabilities&flashstatus=true CERT-VN 539110 CERT http://www.us-cert.gov/cas/techalerts/TA05-136A.html APPLE http://lists.apple.com/archives/security-announce/2005/May/msg00001.html |
|
| Return to the previous page. |
