First published: Thu Jan 06 2005(Updated: )
Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF file.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
TIFF | =3.4 | |
TIFF | =3.5.1 | |
TIFF | =3.5.2 | |
TIFF | =3.5.3 | |
TIFF | =3.5.4 | |
TIFF | =3.5.5 | |
TIFF | =3.5.6 | |
TIFF | =3.5.7 | |
TIFF | =3.6.0 | |
TIFF | =3.6.1 | |
TIFF | =3.7.0 | |
TIFF | =3.7.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2004-1183 is classified as a medium severity vulnerability due to its potential for causing a denial of service and possible remote code execution.
To address CVE-2004-1183, upgrade to a patched version of libtiff that is later than 3.7.1, ensuring the software is no longer vulnerable.
CVE-2004-1183 affects libtiff versions 3.4 through 3.7.1.
CVE-2004-1183 is an integer overflow vulnerability in the tiffdump utility for libtiff.
Yes, CVE-2004-1183 may allow remote attackers to execute arbitrary code via crafted TIFF files.