Vulnerability in Apple Mac_os_x
CVE-2004-1307
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buf…
EPSS: 0.063 (92.7th percentile) — read the EPSS interpretation.
Affected products
- Apple Mac_os_x — versions 10.3, 10.3.1, 10.3.2
- Apple Mac_os_x_server — versions 10.3, 10.3.1, 10.3.2
- Avaya Call_management_system_server — versions 8.0, 9.0, 11.0
- Avaya Cvlan
- Avaya Integrated_management
- Avaya Interactive_response — versions 1.2.1, 1.3
- Avaya Intuity_audix_lx
- Avaya Mn100
- Avaya Modular_messaging_message_storage_server — versions 1.1, 2.0
- Conectiva Linux — versions 9.0, 10.0
References
- cve@mitre.org (US Government Resource, x_refsource_CERT, third-party-advisory)
- cve@mitre.org (US Government Resource, x_refsource_CERT-VN, Patch, Third Party Advisory, third-party-advisory)
- cve@mitre.org (vendor-advisory, x_refsource_SUNALERT)
- cve@mitre.org (vendor-advisory, x_refsource_SUNALERT)
- cve@mitre.org (x_refsource_IDEFENSE, Patch, Vendor Advisory, third-party-advisory)
- cve@mitre.org (vendor-advisory, x_refsource_APPLE, Patch, Vendor Advisory)
- cve@mitre.org (x_refsource_OVAL, signature, vdb-entry)