NVD

Id
71688  
Name
CVE-2004-1308  
Description
Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff 3.5.7 and 3.7.0 allows remote attackers to execute arbitrary code via a TIFF file containing a TIFF_ASCII or TIFF_UNDEFINED directory entry with a -1 entry count, which leads to a heap-based buffer overflow.  
Reject
 
CVSS Version
2  
CVSS Score
10  
Severity
High  
CVSS Base Score
10  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-07-18  
Published
2005-01-10  
Modified Date
2017-07-10  
Seq
2004-1308  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
370662 71688 CVE-2004-1308 CLA-2005:920  View
370663 71688 CVE-2004-1308 APPLE-SA-2005-05-03  View
370664 71688 CVE-2004-1308 oval:org.mitre.oval:def:100117  View
370665 71688 CVE-2004-1308 oval:org.mitre.oval:def:9392  View
370666 71688 CVE-2004-1308 101677  View
370667 71688 CVE-2004-1308 201072  View
370668 71688 CVE-2004-1308 DSA-617  View
370669 71688 CVE-2004-1308 20041221 libtiff Directory Entry Count Integer Overflow Vulnerability  View
370670 71688 CVE-2004-1308 VU#125598  View
370671 71688 CVE-2004-1308 MDKSA-2005:052  View
370672 71688 CVE-2004-1308 SUSE-SA:2005:001  View
370673 71688 CVE-2004-1308 RHSA-2005:019  View
370674 71688 CVE-2004-1308 RHSA-2005:035  View
370675 71688 CVE-2004-1308 TA05-136A  View
370676 71688 CVE-2004-1308 libtiff-tiff-tdircount-bo(18637)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
63233 JVNDB-2004-000575 LibTIFF ライブラリの tif_dirread.c および tif_fax3.c における整数オーバーフローの脆弱性 LibTIFF ライブラリの tif_dirread.c および tif_fax3.c において、TIFF ファイルのディレクトリエントリに ASCII もしくは UNDEFINED が指定された場合の処理に不備が存在し、整数オーバーフローが発生する脆弱性が存在します。 CVE-2004-1308 9735 CVE-2004-1308 71688 10 http://jvndb.jvn.jp/ja/contents/2004/JVNDB-2004-000575.html 2004-12-21 2007-04-01 View