Vulnerabilities > CVE-2004-0803

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.

Vulnerable Configurations

Part Description Count
Application
Libtiff
9
Application
Pdflib
1
Application
Wxgtk2
1
OS
Suse
7
OS
Redhat
13
OS
Apple
32
OS
Trustix
3
OS
Kde
6
OS
Mandrakesoft
2

Nessus

  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2005-354.NASL
    descriptionUpdated tetex packages that fix several integer overflows are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. TeTeX is an implementation of TeX for Linux or UNIX systems. TeX takes a text file and a set of formatting commands as input and creates a typesetter-independent .dvi (DeVice Independent) file as output. A number of security flaws have been found affecting libraries used internally within teTeX. An attacker who has the ability to trick a user into processing a malicious file with teTeX could cause teTeX to crash or possibly execute arbitrary code. A number of integer overflow bugs that affect Xpdf were discovered. The teTeX package contains a copy of the Xpdf code used for parsing PDF files and is therefore affected by these bugs. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2004-0888 and CVE-2004-1125 to these issues. A number of integer overflow bugs that affect libtiff were discovered. The teTeX package contains an internal copy of libtiff used for parsing TIFF image files and is therefore affected by these bugs. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2004-0803, CVE-2004-0804 and CVE-2004-0886 to these issues. Also latex2html is added to package tetex-latex for 64bit platforms. Users of teTeX should upgrade to these updated packages, which contain backported patches and are not vulnerable to these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id17680
    published2005-04-02
    reporterThis script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/17680
    titleRHEL 2.1 / 3 : tetex (RHSA-2005:354)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2005:354. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(17680);
      script_version ("1.25");
      script_cvs_date("Date: 2019/10/25 13:36:11");
    
      script_cve_id("CVE-2004-0803", "CVE-2004-0804", "CVE-2004-0886", "CVE-2004-0888", "CVE-2004-1125");
      script_xref(name:"RHSA", value:"2005:354");
    
      script_name(english:"RHEL 2.1 / 3 : tetex (RHSA-2005:354)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated tetex packages that fix several integer overflows are now
    available.
    
    This update has been rated as having moderate security impact by the
    Red Hat Security Response Team.
    
    TeTeX is an implementation of TeX for Linux or UNIX systems. TeX takes
    a text file and a set of formatting commands as input and creates a
    typesetter-independent .dvi (DeVice Independent) file as output.
    
    A number of security flaws have been found affecting libraries used
    internally within teTeX. An attacker who has the ability to trick a
    user into processing a malicious file with teTeX could cause teTeX to
    crash or possibly execute arbitrary code.
    
    A number of integer overflow bugs that affect Xpdf were discovered.
    The teTeX package contains a copy of the Xpdf code used for parsing
    PDF files and is therefore affected by these bugs. The Common
    Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
    names CVE-2004-0888 and CVE-2004-1125 to these issues.
    
    A number of integer overflow bugs that affect libtiff were discovered.
    The teTeX package contains an internal copy of libtiff used for
    parsing TIFF image files and is therefore affected by these bugs. The
    Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the names CVE-2004-0803, CVE-2004-0804 and CVE-2004-0886 to
    these issues.
    
    Also latex2html is added to package tetex-latex for 64bit platforms.
    
    Users of teTeX should upgrade to these updated packages, which contain
    backported patches and are not vulnerable to these issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2004-0803"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2004-0804"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2004-0886"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2004-0888"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2004-1125"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2005:354"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_cwe_id(20);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tetex");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tetex-afm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tetex-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tetex-dvilj");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tetex-dvips");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tetex-fonts");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tetex-latex");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tetex-xdvi");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:2.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2004/11/03");
      script_set_attribute(attribute:"patch_publication_date", value:"2005/04/01");
      script_set_attribute(attribute:"plugin_publication_date", value:"2005/04/02");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(2\.1|3)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 2.1 / 3.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2005:354";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"tetex-1.0.7-38.5E.8")) flag++;
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"tetex-afm-1.0.7-38.5E.8")) flag++;
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"tetex-doc-1.0.7-38.5E.8")) flag++;
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"tetex-dvilj-1.0.7-38.5E.8")) flag++;
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"tetex-dvips-1.0.7-38.5E.8")) flag++;
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"tetex-fonts-1.0.7-38.5E.8")) flag++;
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"tetex-latex-1.0.7-38.5E.8")) flag++;
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"tetex-xdvi-1.0.7-38.5E.8")) flag++;
    
      if (rpm_check(release:"RHEL3", reference:"tetex-1.0.7-67.7")) flag++;
      if (rpm_check(release:"RHEL3", reference:"tetex-afm-1.0.7-67.7")) flag++;
      if (rpm_check(release:"RHEL3", reference:"tetex-dvips-1.0.7-67.7")) flag++;
      if (rpm_check(release:"RHEL3", reference:"tetex-fonts-1.0.7-67.7")) flag++;
      if (rpm_check(release:"RHEL3", reference:"tetex-latex-1.0.7-67.7")) flag++;
      if (rpm_check(release:"RHEL3", reference:"tetex-xdvi-1.0.7-67.7")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "tetex / tetex-afm / tetex-doc / tetex-dvilj / tetex-dvips / etc");
      }
    }
    
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_F6680C030BD811D98A8A000C41E2CDAD.NASL
    descriptionChris Evans discovered several heap buffer overflows in libtiff
    last seen2020-06-01
    modified2020-06-02
    plugin id19172
    published2005-07-13
    reporterThis script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/19172
    titleFreeBSD : tiff -- RLE decoder heap overflows (f6680c03-0bd8-11d9-8a8a-000c41e2cdad)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200412-17.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200412-17 (kfax: Multiple overflows in the included TIFF library) Than Ngo discovered that kfax contains a private copy of the TIFF library and is therefore subject to several known vulnerabilities (see References). Impact : A remote attacker could entice a user to view a carefully-crafted TIFF image file with kfax, which would potentially lead to execution of arbitrary code with the rights of the user running kfax. Workaround : The KDE Team recommends to remove the kfax binary as well as the kfaxpart.la KPart: rm /usr/kde/3.*/lib/kde3/kfaxpart.la rm /usr/kde/3.*/bin/kfax Note: This will render the kfax functionality useless, if kfax functionality is needed you should upgrade to the KDE 3.3.2 which is not stable at the time of this writing. There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id16004
    published2004-12-20
    reporterThis script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/16004
    titleGLSA-200412-17 : kfax: Multiple overflows in the included TIFF library
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SA_2004_038.NASL
    descriptionThe remote host is missing the patch for the advisory SUSE-SA:2004:038 (libtiff). libtiff is used by image viewers and web browser to view
    last seen2020-06-01
    modified2020-06-02
    plugin id15552
    published2004-10-22
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/15552
    titleSUSE-SA:2004:038: libtiff
  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2004-111.NASL
    descriptionSeveral vulnerabilities have been discovered in the libtiff package; wxGTK2 uses a libtiff code tree, so it may have the same vulnerabilities : Chris Evans discovered several problems in the RLE (run length encoding) decoders that could lead to arbitrary code execution. (CVE-2004-0803) Matthias Clasen discovered a division by zero through an integer overflow. (CVE-2004-0804) Dmitry V. Levin discovered several integer overflows that caused malloc issues which can result to either plain crash or memory corruption. (CVE-2004-0886)
    last seen2020-06-01
    modified2020-06-02
    plugin id24551
    published2007-02-18
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24551
    titleMandrake Linux Security Advisory : wxGTK2 (MDKSA-2004:111)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2005-052.NASL
    descriptionPrevious updates to correct integer overflow issues affecting xpdf overlooked certain conditions when built for a 64 bit platform. (formerly CVE-2004-0888). This also affects applications like kdegraphics, that use embedded versions of xpdf. (CVE-2005-0206) In addition, previous libtiff updates overlooked kdegraphics, which contains and embedded libtiff used for kfax. This update includes patches to address: CVE-2004-0803, CVE-2004-0804, CVE-2004-0886, CVE-2004-1183, CVE-2004-1308. The updated packages are patched to deal with these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id17281
    published2005-03-06
    reporterThis script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/17281
    titleMandrake Linux Security Advisory : kdegraphics (MDKSA-2005:052)
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2004-305-02.NASL
    descriptionNew libtiff packages are available for Slackware 8.1, 9.0, 9.1, 10.1, and -current to fix security issues that could lead to application crashes, or possibly execution of arbitrary code.
    last seen2020-06-01
    modified2020-06-02
    plugin id18775
    published2005-07-13
    reporterThis script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/18775
    titleSlackware 10.0 / 8.1 / 9.0 / 9.1 / current : libtiff (SSA:2004-305-02)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2004-357.NASL
    descriptionA problem with PDF handling was discovered by Chris Evans, and has been fixed. The Common Vulnerabilities and Exposures project (www.mitre.org) has assigned the name CVE-2004-0888 to this issue. a number of buffer overflow bugs that affect libtiff have been found. The kfax application contains a copy of the libtiff code used for parsing TIFF files and is therefore affected by these bugs. An attacker who has the ability to trick a user into opening a malicious TIFF file could cause kfax to crash or possibly execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0803 to this issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id15584
    published2004-10-30
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/15584
    titleFedora Core 2 : kdegraphics-3.2.2-1.1 (2004-357)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200412-02.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200412-02 (PDFlib: Multiple overflows in the included TIFF library) The TIFF library is subject to several known vulnerabilities (see GLSA 200410-11). Most of these overflows also apply to PDFlib. Impact : A remote attacker could entice a user or web application to process a carefully crafted PDF file or TIFF image using a PDFlib-powered program. This can potentially lead to the execution of arbitrary code with the rights of the program processing the file. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id15906
    published2004-12-05
    reporterThis script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/15906
    titleGLSA-200412-02 : PDFlib: Multiple overflows in the included TIFF library
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2005-354.NASL
    descriptionUpdated tetex packages that fix several integer overflows are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. TeTeX is an implementation of TeX for Linux or UNIX systems. TeX takes a text file and a set of formatting commands as input and creates a typesetter-independent .dvi (DeVice Independent) file as output. A number of security flaws have been found affecting libraries used internally within teTeX. An attacker who has the ability to trick a user into processing a malicious file with teTeX could cause teTeX to crash or possibly execute arbitrary code. A number of integer overflow bugs that affect Xpdf were discovered. The teTeX package contains a copy of the Xpdf code used for parsing PDF files and is therefore affected by these bugs. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2004-0888 and CVE-2004-1125 to these issues. A number of integer overflow bugs that affect libtiff were discovered. The teTeX package contains an internal copy of libtiff used for parsing TIFF image files and is therefore affected by these bugs. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2004-0803, CVE-2004-0804 and CVE-2004-0886 to these issues. Also latex2html is added to package tetex-latex for 64bit platforms. Users of teTeX should upgrade to these updated packages, which contain backported patches and are not vulnerable to these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id21809
    published2006-07-03
    reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/21809
    titleCentOS 3 : tetex (CESA-2005:354)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-567.NASL
    descriptionSeveral problems have been discovered in libtiff, the Tag Image File Format library for processing TIFF graphics files. An attacker could prepare a specially crafted TIFF graphic that would cause the client to execute arbitrary code or crash. The Common Vulnerabilities and Exposures Project has identified the following problems : - CAN-2004-0803 Chris Evans discovered several problems in the RLE (run length encoding) decoders that could lead to arbitrary code execution. - CAN-2004-0804 Matthias Clasen discovered a division by zero through an integer overflow. - CAN-2004-0886 Dmitry V. Levin discovered several integer overflows that caused malloc issues which can result to either plain crash or memory corruption.
    last seen2020-06-01
    modified2020-06-02
    plugin id15665
    published2004-11-10
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/15665
    titleDebian DSA-567-1 : tiff - heap overflows
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2004-577.NASL
    descriptionUpdated libtiff packages that fix various buffer and integer overflows are now available. The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file format for bitmapped images. During a source code audit, Chris Evans discovered a number of integer overflow bugs that affect libtiff. An attacker who has the ability to trick a user into opening a malicious TIFF file could cause the application linked to libtiff to crash or possibly execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2004-0886 and CVE-2004-0804 to these issues. Additionally, a number of buffer overflow bugs that affect libtiff have been found. An attacker who has the ability to trick a user into opening a malicious TIFF file could cause the application linked to libtiff to crash or possibly execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0803 to this issue. All users are advised to upgrade to these errata packages, which contain fixes for these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id15629
    published2004-11-04
    reporterThis script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/15629
    titleRHEL 2.1 / 3 : libtiff (RHSA-2004:577)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2005-021.NASL
    descriptionUpdated kdegraphics packages that resolve multiple security issues in kfax are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team The kdegraphics package contains graphics applications for the K Desktop Environment. During a source code audit, Chris Evans discovered a number of integer overflow bugs that affect libtiff. The kfax application contains a copy of the libtiff code used for parsing TIFF files and is therefore affected by these bugs. An attacker who has the ability to trick a user into opening a malicious TIFF file could cause kfax to crash or possibly execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2004-0886 and CVE-2004-0804 to these issues. Additionally, a number of buffer overflow bugs that affect libtiff have been found. The kfax application contains a copy of the libtiff code used for parsing TIFF files and is therefore affected by these bugs. An attacker who has the ability to trick a user into opening a malicious TIFF file could cause kfax to crash or possibly execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0803 to this issue. Users of kfax should upgrade to these updated packages, which contain backported patches and are not vulnerable to this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id18017
    published2005-04-12
    reporterThis script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/18017
    titleRHEL 2.1 / 3 : kdegraphics (RHSA-2005:021)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200410-11.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200410-11 (tiff: Buffer overflows in image decoding) Chris Evans found heap-based overflows in RLE decoding routines in tif_next.c, tif_thunder.c and potentially tif_luv.c. Impact : A remote attacker could entice a user to view a carefully crafted TIFF image file, which would potentially lead to execution of arbitrary code with the rights of the user viewing the image. This affects any program that makes use of the tiff library, including GNOME and KDE web browsers or mail readers. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id15472
    published2004-10-14
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/15472
    titleGLSA-200410-11 : tiff: Buffer overflows in image decoding
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SECUPD20041202.NASL
    descriptionThe remote host is missing Security Update 2004-12-02. This security update contains a number of fixes for the following programs : - Apache - Apache2 - AppKit - Cyrus IMAP - HIToolbox - Kerberos - Postfix - PSNormalizer - QuickTime Streaming Server - Safari - Terminal These programs contain multiple vulnerabilities that could allow a remote attacker to execute arbitrary code.
    last seen2020-06-01
    modified2020-06-02
    plugin id15898
    published2004-12-02
    reporterThis script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/15898
    titleMac OS X Multiple Vulnerabilities (Security Update 2004-12-02)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2005-021.NASL
    descriptionUpdated kdegraphics packages that resolve multiple security issues in kfax are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team The kdegraphics package contains graphics applications for the K Desktop Environment. During a source code audit, Chris Evans discovered a number of integer overflow bugs that affect libtiff. The kfax application contains a copy of the libtiff code used for parsing TIFF files and is therefore affected by these bugs. An attacker who has the ability to trick a user into opening a malicious TIFF file could cause kfax to crash or possibly execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2004-0886 and CVE-2004-0804 to these issues. Additionally, a number of buffer overflow bugs that affect libtiff have been found. The kfax application contains a copy of the libtiff code used for parsing TIFF files and is therefore affected by these bugs. An attacker who has the ability to trick a user into opening a malicious TIFF file could cause kfax to crash or possibly execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0803 to this issue. Users of kfax should upgrade to these updated packages, which contain backported patches and are not vulnerable to this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id21795
    published2006-07-03
    reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/21795
    titleCentOS 3 : kdegraphics (CESA-2005:021)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2004-334.NASL
    descriptionThe libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file format for bitmapped images. During a source code audit, Chris Evans discovered a number of integer overflow bugs that affect libtiff. An attacker who has the ability to trick a user into opening a malicious TIFF file could cause the application linked to libtiff to crash or possibly execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0886 to this issue. Additionally, a number of buffer overflow bugs that affect libtiff have been found. An attacker who has the ability to trick a user into opening a malicious TIFF file could cause the application linked to libtiff to crash or possibly execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0803 to this issue. All users are advised to upgrade to these errata packages, which contain fixes for these issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id15475
    published2004-10-15
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/15475
    titleFedora Core 2 : libtiff-3.5.7-20.2 (2004-334)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2004-109.NASL
    descriptionSeveral vulnerabilities have been discovered in the libtiff package : Chris Evans discovered several problems in the RLE (run length encoding) decoders that could lead to arbitrary code execution. (CVE-2004-0803) Matthias Clasen discovered a division by zero through an integer overflow. (CVE-2004-0804) Dmitry V. Levin discovered several integer overflows that caused malloc issues which can result to either plain crash or memory corruption. (CVE-2004-0886)
    last seen2020-06-01
    modified2020-06-02
    plugin id15523
    published2004-10-20
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/15523
    titleMandrake Linux Security Advisory : libtiff (MDKSA-2004:109)

Oval

  • accepted2005-11-16T08:02:00.000-04:00
    classvulnerability
    contributors
    nameRobert L. Hollis
    organizationThreatGuard, Inc.
    descriptionMultiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.
    familyunix
    idoval:org.mitre.oval:def:100114
    statusaccepted
    submitted2005-08-16T12:00:00.000-04:00
    titlelibtiff RLE Decoder Buffer Overflow Vulnerabilities
    version36
  • accepted2013-04-29T04:17:58.649-04:00
    classvulnerability
    contributors
    • nameAharon Chernin
      organizationSCAP.com, LLC
    • nameDragos Prisaca
      organizationG2, Inc.
    definition_extensions
    • commentThe operating system installed on the system is Red Hat Enterprise Linux 3
      ovaloval:org.mitre.oval:def:11782
    • commentCentOS Linux 3.x
      ovaloval:org.mitre.oval:def:16651
    descriptionMultiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.
    familyunix
    idoval:org.mitre.oval:def:8896
    statusaccepted
    submitted2010-07-09T03:56:16-04:00
    titleMultiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.
    version26

Redhat

advisories
  • rhsa
    idRHSA-2004:577
  • rhsa
    idRHSA-2005:021
  • rhsa
    idRHSA-2005:354
rpms
  • libtiff-0:3.5.7-20.1
  • libtiff-debuginfo-0:3.5.7-20.1
  • libtiff-devel-0:3.5.7-20.1
  • kdegraphics-7:3.1.3-3.7
  • kdegraphics-debuginfo-7:3.1.3-3.7
  • kdegraphics-devel-7:3.1.3-3.7
  • tetex-0:1.0.7-67.7
  • tetex-afm-0:1.0.7-67.7
  • tetex-debuginfo-0:1.0.7-67.7
  • tetex-dvips-0:1.0.7-67.7
  • tetex-fonts-0:1.0.7-67.7
  • tetex-latex-0:1.0.7-67.7
  • tetex-xdvi-0:1.0.7-67.7