← Back

CVE-2004-0929

nvd nist
Published: Jan 27, 2005Modified: Apr 16, 2026

JSON object

Loading...
10.0
Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
Exploitability: 10.0 / Impact: 10.0
Source: NVD

Description

Heap-based buffer overflow in the OJPEGVSetField function in tif_ojpeg.c for libtiff 3.6.1 and earlier, when compiled with the OJPEG_SUPPORT (old JPEG support) option, allows remote attackers to execute arbitrary code via a malformed TIFF image.

Affected (8)

Libtiff
1 product
Libtiff
Suse
1 product
Suse Linux
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Libtiff
Version 3.6.1
Configuration B
7 vulnerable
Vulnerable SoftwareAffected Versions
Suse
Suse Linux
Version 1.0
Suse Linux
Version 8.1
Suse Linux
Version 8.2
Suse Linux
Version 8
Suse Linux
Version 9.0
Suse Linux
Version 9.0
Suse Linux
Version 9.1

References (8)

Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
US Government Resource
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.