Heap-based buffer overflow in the OJPEGVSetField function in tif_ojpeg.c for libtiff 3.6.1 and earlier, when compiled with the OJPEG_SUPPORT (old JPEG support) option, allows remote attackers to execute arbitrary code via a malformed TIFF image.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
20 Nov 2024, 23:49
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.idefense.com/application/poi/display?id=154&type=vulnerabilities - Patch, Vendor Advisory | |
References | () http://www.kb.cert.org/vuls/id/129910 - US Government Resource | |
References | () http://www.novell.com/linux/security/advisories/2004_38_libtiff.html - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/17843 - |
Information
Published : 2005-01-27 05:00
Updated : 2024-11-20 23:49
NVD link : CVE-2004-0929
Mitre link : CVE-2004-0929
CVE.ORG link : CVE-2004-0929
JSON object : View
Products Affected
suse
- suse_linux
libtiff
- libtiff
CWE