Overview
An integer overflow in LibTIFF may allow a remote attacker to execute arbitrary code.
Description
LibTIFF is a library used to encode and decode images in Tag Image File Format (TIFF). A lack of validation on user supplied input may allow a buffer overflow to occur. TIFF files contain directory entry header fields to describe the data in the file. If a remote attacker creates a TIFF file with specially crafted directory headers and persuades a user to access that file, an integer overflow will occur that may eventually lead to a heap-based buffer overflow.
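The failure mode described above, as an added illustrative example that is not LibTIFF's code and does not reproduce its internals: a reader derives a heap buffer size from a directory entry's count multiplied by the width of its data type, and in 32-bit arithmetic that product can wrap to a small value. The struct layout, type-code table and the two constructed entries are assumptions made for this example; the hardened variant rejects unknown types and checks for wrap-around before the multiplication is trusted.

```c
#include <stdint.h>
#include <stdio.h>

/* Illustrative directory entry (assumed layout, not LibTIFF's): a data type
 * code and a count of values of that type, both taken from the file. */
typedef struct {
    uint16_t tag;
    uint16_t type;   /* TIFF 6.0 field type code, e.g. 3 = SHORT, 4 = LONG */
    uint32_t count;  /* number of values of that type */
} dir_entry;

/* Width in bytes of each TIFF 6.0 field type; 0 for an unknown code. */
static uint32_t type_size(uint16_t type) {
    switch (type) {
    case 1: case 2: case 6: case 7: return 1;  /* BYTE, ASCII, SBYTE, UNDEFINED */
    case 3: case 8:                 return 2;  /* SHORT, SSHORT */
    case 4: case 9: case 11:        return 4;  /* LONG, SLONG, FLOAT */
    case 5: case 10: case 12:       return 8;  /* RATIONAL, SRATIONAL, DOUBLE */
    default:                        return 0;  /* not a known type */
    }
}

/* Unchecked form: count * width is computed modulo 2^32, so a large count
 * can yield a buffer far smaller than the data the caller then copies in. */
uint32_t unchecked_data_size(const dir_entry *e) {
    return e->count * type_size(e->type);
}

/* Hardened form: fail on an unknown type and on any count whose product
 * with the width would wrap. Returns 1 and stores the byte size on success,
 * 0 when the entry must be rejected before any allocation happens. */
int checked_data_size(const dir_entry *e, uint32_t *out) {
    uint32_t width = type_size(e->type);
    if (width == 0) return 0;
    if (e->count > UINT32_MAX / width) return 0;  /* product would exceed 2^32-1 */
    *out = e->count * width;
    return 1;
}

int main(void) {
    /* Constructed entries: a sane one (16 LONGs) and one whose count makes
     * count * 4 wrap to 16 in 32-bit arithmetic. */
    dir_entry sane    = { 273, 4, 16 };
    dir_entry wrapped = { 273, 4, 0x40000004u };
    uint32_t n;

    printf("unchecked sane    = %u bytes\n", unchecked_data_size(&sane));
    printf("unchecked wrapped = %u bytes (wrapped)\n", unchecked_data_size(&wrapped));
    printf("checked sane    -> %d (n=%u)\n", checked_data_size(&sane, &n), n);
    printf("checked wrapped -> %d (rejected)\n", checked_data_size(&wrapped, &n));
    return 0;
}
```

The check is the division form of an overflow test (`count > UINT32_MAX / width`), which is portable C; compilers that provide `__builtin_mul_overflow` can use that instead. Either way the size is validated before it reaches the allocator, which is the class of missing validation the advisory describes.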
Impact
If a remote attacker can persuade a user to access a specially crafted TIFF image, that attacker may be able to execute arbitrary code with the privileges of that user.
Solution
Upgrade or Patch
This issue has been corrected in LibTIFF version 3.7.1. Obtain a patch or upgraded software from your vendor. Recompile statically linked applications.
Do Not Accept TIFF Files from Unknown or Untrusted Sources
Vendor Information
Apple Computer Inc. Affected
Notified: January 11, 2005 Updated: May 05, 2005
Status
Affected
Vendor Statement
This is addressed in Security Update 2005-005. Further information is available at:
http://docs.info.apple.com/article.html?artnum=301528.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Debian Affected
Notified: January 11, 2005 Updated: January 11, 2005
Status
Affected
Vendor Statement
Debian GNU/Linux was vulnerable to this problem and has issued an advisory with updated packages: DSA 617[1]. Another vulnerability has been discovered by Dmitry Levin which has been fixed in DSA 626 and has CAN-2004-1183 assigned as unique vulnerability identifier.
For the stable distribution (woody) these problems have been fixed in version 3.5.5-6.woody5.
For the unstable distribution (sid) these problems have been fixed in version 3.6.1-5.
Links:
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
FreeBSD Affected
Notified: January 11, 2005 Updated: January 11, 2005
Status
Affected
Vendor Statement
libtiff and other software incorporating libtiff is available in the FreeBSD Ports Collection. Please see
for details regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
http://vuxml.freebsd.org/fc7e6a42-6012-11d9-a9e7-0001020eed82.html
Red Hat Inc. Affected
Notified: January 11, 2005 Updated: January 19, 2005
Status
Affected
Vendor Statement
Red Hat Enterprise Linux ships with a LibTIFF package vulnerable to this issue. New LibTiff packages are now available along with our advisory at the URLs below and by using the Red Hat Network 'up2date' tool.
Red Hat Enterprise Linux (2.1 3):
http://rhn.redhat.com/errata/RHSA-2005-019.html
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
NEC Corporation Not Affected
Notified: January 11, 2005 Updated: March 17, 2005
Status
Not Affected
Vendor Statement
NEC products are NOT susceptible to this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
NetBSD Not Affected
Notified: January 11, 2005 Updated: January 13, 2005
Status
Not Affected
Vendor Statement
NetBSD does not include libtiff in the Operating System release.
It is available as a third-party package in the pkgsrc system, and was updated to 3.7.1 when the release first became public. A number of graphical programs and desktop environments in pkgsrc depend on libtiff, and so it may well have been installed as part of building another package.
Known vulnerabilities in third-party pkgsrc packages are published in the pkg-vulnerabilities database. NetBSD recommends that users check installed packages against this database regularly using the tools in the security/audit-packages package.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Connectiva Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Cray Inc. Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
EMC Corporation Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Engarde Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
F5 Networks Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Fujitsu Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Hewlett-Packard Company Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Hitachi Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
IBM Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
IBM eServer Unknown
Notified: January 11, 2005 Updated: January 13, 2005
Status
Unknown
Vendor Statement
For information related to this and other published CERT Advisories that may relate to the IBM eServer Platforms (xSeries, iSeries, pSeries, and zSeries) please go to
In order to access this information you will require a Resource Link ID. To subscribe to Resource Link go to
and follow the steps for registration.
All questions should be referred to servsec@us.ibm.com.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
IBM-zSeries Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Immunix Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Ingrian Networks Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Juniper Networks Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
MandrakeSoft Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Microsoft Corporation Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
MontaVista Software Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Nokia Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Novell Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
OpenBSD Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Openwall GNU/*/Linux Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
SCO-LINUX Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
SCO-UNIX Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
SGI Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Sequent Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Sony Corporation Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
SuSE Inc. Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Sun Microsystems Inc. Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
TurboLinux Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Unisys Unknown
Notified: January 11, 2005 Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Wind River Systems Inc. Unknown
Updated: January 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
CVSS Metrics
Group | Score | Vector |
---|---|---|
Base | | |
Temporal | | |
Environmental | | |
References
Acknowledgements
This vulnerability was reported by iDefense.
This document was written by Jeff Gennari.
Other Information
CVE IDs: CVE-2004-1308
Severity Metric: 7.75
Date Public: 2004-12-21
Date First Published: 2005-01-11
Date Last Updated: 2005-05-12 19:34 UTC
Document Revision: 71