FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

tiff -- tiffdump integer overflow vulnerability

Affected packages
tiff < 3.7.1_2
linux-tiff < 3.6.1_1


VuXML ID 8f86d8b5-6025-11d9-a9e7-0001020eed82
Discovery 2005-01-06
Entry 2005-01-06
Modified 2005-03-01

Dmitry V. Levin found a potential integer overflow in the tiffdump utility which could lead to execution of arbitrary code. This could be exploited by tricking an user into executing tiffdump on a specially crafted tiff image.


CVE Name CVE-2004-1183