CVE-2004-0803 Information

Description

Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier related to buffer overflows and integer overflows allow remote attackers to execute arbitrary code via TIFF files.

Reference

http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000888 http://marc.info/?l=bugtraq&m=109778785107450&w=2 http://scary.beasts.org/security/CESA-2004-006.txt http://secunia.com/advisories/12818 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1 http://www.debian.org/security/2004/dsa-567 http://www.gentoo.org/security/en/glsa/glsa-200410-11.xml http://www.kb.cert.org/vuls/id/948752 http://www.kde.org/info/security/advisory-20041209-2.txt http://www.mandriva.com/security/advisories?name=MDKSA-2004:109 http://www.mandriva.com/security/advisories?name=MDKSA-2005:052 http://www.novell.com/linux/security/advisories/2004_38_libtiff.html http://www.redhat.com/support/errata/RHSA-2004-577.html http://www.redhat.com/support/errata/RHSA-2005-021.html http://www.redhat.com/support/errata/RHSA-2005-354.html http://www.securityfocus.com/bid/11406 https://exchange.xforce.ibmcloud.com/vulnerabilities/17703 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A100114 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A8896