Integer Overflow Vulnerability in libtiff by Telus International
CVE-2004-0886

Currently unrated

Key Information:

Vendor

Libtiff

Status
Libtiff
Wxgtk2
PDF Library
Vendor
CVE Published:
27 January 2005

What is CVE-2004-0886?

Multiple integer overflow vulnerabilities exist in libtiff versions 3.6.1 and earlier, which can be exploited by remote attackers to cause a denial of service. This occurs when processing specially crafted TIFF images, leading to incorrect memory allocation and potential application crashes or memory corruption. Users of libtiff are advised to update their software to mitigate these issues.

References

http://www.redhat.com/support/errata/RHSA-2004-577.html
vendor-advisoryx_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDKSA-20...
vendor-advisoryx_refsource_MANDRAKE
http://www.redhat.com/support/errata/RHSA-2005-021.html
vendor-advisoryx_refsource_REDHAT

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.