Remote Code Execution in libtiff RLE Decoders by TIFF Files
CVE-2004-0803

Currently unrated

Key Information:

Vendor

Libtiff

Status
Libtiff
PDF Library
Wxgtk2
Vendor
CVE Published:
23 December 2004

What is CVE-2004-0803?

The vulnerabilities in the RLE decoders for libtiff 3.6.1 and earlier versions could be exploited by attackers to execute arbitrary code on the target system by providing specially crafted TIFF files. This poses a risk to users who open manipulated TIFF images, as it may lead to unauthorized actions by malicious actors.

References

http://www.gentoo.org/security/en/glsa/glsa-200410-11.xml
vendor-advisoryx_refsource_GENTOO
http://www.redhat.com/support/errata/RHSA-2004-577.html
vendor-advisoryx_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDKSA-20...
vendor-advisoryx_refsource_MANDRAKE

EPSS Score

17% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.