CVE-2004-0929
iDEFENSE Security Advisory 2004-10-22.t
Severity Score
8.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Heap-based buffer overflow in the OJPEGVSetField function in tif_ojpeg.c for libtiff 3.6.1 and earlier, when compiled with the OJPEG_SUPPORT (old JPEG support) option, allows remote attackers to execute arbitrary code via a malformed TIFF image.
An exploitable heap overflow in the handling of malformed tiff files has been discovered in the latest version of libtiff when JPEG support has been enabled. An attacker can exploit the above-described vulnerability to execute arbitrary code under the permissions of the target user. Successful exploitation requires that the attacker convince the end-user to open the malicious tiff file using an application linked with a vulnerable version of libtiff.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2004-10-04 CVE Reserved
- 2004-10-26 CVE Published
- 2024-08-08 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://www.kb.cert.org/vuls/id/129910 | Third Party Advisory |
|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17843 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.idefense.com/application/poi/display?id=154&type=vulnerabilities | 2017-07-11 |
| URL | Date | SRC |
|---|---|---|
| http://www.novell.com/linux/security/advisories/2004_38_libtiff.html | 2017-07-11 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Libtiff Search vendor "Libtiff" | Libtiff Search vendor "Libtiff" for product "Libtiff" | 3.6.1 Search vendor "Libtiff" for product "Libtiff" and version "3.6.1" | - |
Affected
| ||||||
| Suse Search vendor "Suse" | Suse Linux Search vendor "Suse" for product "Suse Linux" | 1.0 Search vendor "Suse" for product "Suse Linux" and version "1.0" | desktop |
Affected
| ||||||
| Suse Search vendor "Suse" | Suse Linux Search vendor "Suse" for product "Suse Linux" | 8 Search vendor "Suse" for product "Suse Linux" and version "8" | enterprise_server |
Affected
| ||||||
| Suse Search vendor "Suse" | Suse Linux Search vendor "Suse" for product "Suse Linux" | 8.1 Search vendor "Suse" for product "Suse Linux" and version "8.1" | - |
Affected
| ||||||
| Suse Search vendor "Suse" | Suse Linux Search vendor "Suse" for product "Suse Linux" | 8.2 Search vendor "Suse" for product "Suse Linux" and version "8.2" | - |
Affected
| ||||||
| Suse Search vendor "Suse" | Suse Linux Search vendor "Suse" for product "Suse Linux" | 9.0 Search vendor "Suse" for product "Suse Linux" and version "9.0" | - |
Affected
| ||||||
| Suse Search vendor "Suse" | Suse Linux Search vendor "Suse" for product "Suse Linux" | 9.0 Search vendor "Suse" for product "Suse Linux" and version "9.0" | enterprise_server |
Affected
| ||||||
| Suse Search vendor "Suse" | Suse Linux Search vendor "Suse" for product "Suse Linux" | 9.1 Search vendor "Suse" for product "Suse Linux" and version "9.1" | - |
Affected
| ||||||