Notified: January 11, 2005 Updated: May 05, 2005
Affected
This is addressed in Security Update 2005-005. Further information is available at: http://docs.info.apple.com/article.html?artnum=301528.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Affected
Debian GNU/Linux was vulnerable to this problem and has issued an advisory with updated packages: DSA 617[1]. Another vulnerability has been discovered by Dmitry Levin which has been fixed in DSA 626 and has CAN-2004-1183 assigned as unique vulnerability identifier. For the stable distribution (woody) these problems have been fixed in version 3.5.5-6.woody5. For the unstable distribution (sid) these problems have been fixed in version 3.6.1-5. Links: 1. http://www.debian.org/security/2004/dsa-617 2. http://www.debian.org/security/2005/dsa-626
The vendor has not provided us with any further information regarding this vulnerability.
http://www.debian.org/security/2004/dsa-617 http://www.debian.org/security/2005/dsa-626
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Affected
libtiff and other software incorporating libtiff is available in the FreeBSD Ports Collection. Please see http://vuxml.freebsd.org/fc7e6a42-6012-11d9-a9e7-0001020eed82.html for details regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
http://vuxml.freebsd.org/fc7e6a42-6012-11d9-a9e7-0001020eed82.html
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 13, 2005
Unknown
For information related to this and other published CERT Advisories that may relate to the IBM eServer Platforms (xSeries, iSeries, pSeries, and zSeries) please go to https://app-06.www.ibm.com/servers/resourcelink/lib03020.nsf/pages/securityalerts?OpenDocument&pathID= In order to access this information you will require a Resource Link ID. To subscribe to Resource Link go to http://app-06.www.ibm.com/servers/resourcelink and follow the steps for registration. All questions should be refferred to servsec@us.ibm.com.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: March 17, 2005
Not Affected
NEC products are NOT susceptible to this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 13, 2005
Not Affected
NetBSD does not include libtiff in the Operating System release. It is available as a third-party package in the pkgsrc system, and was updated to 3.7.1 when the release first became public. A number of graphical programs and desktop environments in pkgsrc depend on libtiff, and so it may well have been installed as part of building another package. Known vulnerabilities in third-party pkgsrc packages are published in the pkg-vulnerabilities database. NetBSD recommends that users check installed packages against this database regularly using the tools in the security/audit-packages package.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 19, 2005
Affected
Red Hat Enterprise Linux ships with a LibTIFF package vulnerable to this issues. New LibTiff packages are now available along with our advisory at the URLs below and by using the Red Hat Network 'up2date' tool. Red Hat Enterprise Linux (2.1 3): http://rhn.redhat.com/errata/RHSA-2005-019.html
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: January 11, 2005 Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Updated: January 11, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.