2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2004-1307" ,
"sourceIdentifier" : "cve@mitre.org" ,
"published" : "2004-12-21T05:00:00.000" ,
"lastModified" : "2018-10-30T16:26:22.763" ,
"vulnStatus" : "Modified" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow."
}
] ,
"vendorComments" : [
{
"organization" : "Red Hat" ,
"comment" : "This issue was resolved in all affected libtiff versions as shipped with Red Hat Enterprise Linux 2.1, 3, and 4 via a patch for CVE-2004-0886. For updates containing patches for CVE-2004-0886, see: https://rhn.redhat.com/errata/CVE-2004-0886.html" ,
"lastModified" : "2008-08-12T00:00:00"
}
] ,
"metrics" : {
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P" ,
"accessVector" : "NETWORK" ,
"accessComplexity" : "LOW" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "PARTIAL" ,
"integrityImpact" : "PARTIAL" ,
"availabilityImpact" : "PARTIAL" ,
"baseScore" : 7.5
} ,
"baseSeverity" : "HIGH" ,
"exploitabilityScore" : 10.0 ,
"impactScore" : 6.4 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : true ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "NVD-CWE-Other"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:avaya:call_management_system_server:8.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "618B807E-29B5-4CD0-BBA2-E20E45AC192D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:avaya:call_management_system_server:9.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5E9C378A-2151-45D1-A7EC-1F27E794D878"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:avaya:call_management_system_server:11.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "18D3AF16-3591-44FB-B3F8-E92DAA8FA936"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:avaya:call_management_system_server:12.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "80FF4D54-3E14-42CA-9FC6-2534B3F00903"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:avaya:call_management_system_server:13.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "53D3C3D9-D54C-4D6C-9D82-7653445680C2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:avaya:cvlan:*:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2FE82341-3E73-4F5B-BD9E-06C83F22E831"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:avaya:integrated_management:*:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D12D6986-429E-4152-A6E5-4CC1FB9556D3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:avaya:interactive_response:*:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6EE68944-C31D-4B49-BC8F-07944E0E82AA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:avaya:interactive_response:1.2.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3427704B-08E7-4B33-B4F0-071EFA4FAE9F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:avaya:interactive_response:1.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C70755CC-4FF4-4E0E-9CFC-71F50FCC854E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:avaya:intuity_audix_lx:*:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "12D21889-2F4E-460B-AA92-4E910B7CBBDA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:icontrol_service_manager:1.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2A7379DC-AF87-436C-9942-8CC5CF781918"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:icontrol_service_manager:1.3.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3A2B0D82-C75B-43EB-9DD1-4270B8BE52A3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:icontrol_service_manager:1.3.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "06819549-ECD7-4568-BB15-C0A226A65F91"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:f5:icontrol_service_manager:1.3.6:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "72EA2403-F428-407E-B32E-C8D5792B4DB1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "CCA5EEB8-9D2C-49A9-BB08-CE5017B79D81"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.5.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "261FAE51-5207-4136-9FFE-2330A281266C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.5.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B32C83B9-F7DA-450A-A687-9A73734CD712"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.5.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9485283A-B73E-4567-914A-42A86F5FFCB4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.5.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "95892168-0FB6-4E3F-9303-2F9B3CF60D2B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.5.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A5021564-5E0A-4DDC-BC68-200B6050043E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.5.7:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "19AA66E5-FDDD-4243-B945-DFEBDD25F258"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.6.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "62F359CD-5DC4-4919-B8E1-95BDDBD27EFC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.6.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D2C8C550-3313-4266-B4B3-E9E9047CFE04"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libtiff:libtiff:3.7.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "ABEEBA7B-81D5-4148-912B-9AD448BBE741"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "29DC217F-C257-4A3C-9CBD-08010C30BEC3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F4007B0D-9606-46BD-866A-7911BEA292BE"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A35FC777-A34E-4C7B-9E93-8F17F3AD5180"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:avaya:mn100:*:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D073442B-D7E7-4E07-AF2D-E22FE65B09A9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "BFDADE04-29F0-446B-824B-0518880CF0A0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "ED9BE602-A740-4CF7-9CAF-59061B16AB31"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "33E698C1-C313-40E6-BAF9-7C8F9CF02484"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "BF2D00AC-FA2A-4C39-B796-DC19072862CF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "421079DA-B605-4E05-9454-C30CF7631CF4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "93B734BA-3435-40A9-B22B-5D56CEB865A7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C4B57B3E-B1B2-4F13-99D3-4F9DB3C07B5E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "30897327-44DD-4D6C-B8B6-2D66C44EA55D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B79D8F73-2E78-4A67-96BB-21AD9BCB0094"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "DC6931D5-DE7E-41F6-ADDC-AB5A8A167F69"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "1E997653-C744-4F1F-9948-47579AB3BED3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "DF5A416A-F198-4B9C-8221-D36CC8A7FE5C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "384C130F-D1A9-4482-AF20-FC81933473A3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3CA6BD2A-3022-408D-8E4F-50865996E965"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "463D5628-7536-4029-99D6-5E525050059E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x_server:10.3.6:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "69A39B11-1C23-4A6C-B4C5-AEC40836F173"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x_server:10.3.7:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "78D48FD1-CB91-4310-9432-A4365FA67B11"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x_server:10.3.8:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "750C6C37-8460-4ED8-83AD-ACAF993E4A6E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8923EE1A-DD48-4EC8-8698-A33093FD709C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:avaya:modular_messaging_message_storage_server:1.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E25F5CF2-F891-41CA-A40C-13966F72FDF8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:avaya:modular_messaging_message_storage_server:2.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7417958C-5321-41D6-9D1A-D16BF5511E81"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "647BA336-5538-4972-9271-383A0EC9378E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*" ,
"matchCriteriaId" : "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3528DABD-B821-4D23-AE12-614A9CA92C46"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*" ,
"matchCriteriaId" : "9E661D58-18DF-4CCF-9892-F873618F4535"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2BB0B27C-04EA-426F-9016-7406BACD91DF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*" ,
"matchCriteriaId" : "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:sco:unixware:7.1.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "059218D3-A3AD-4A10-9AA4-FBB689321D90"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*" ,
"matchCriteriaId" : "8F1F312C-413F-4DB4-ABF4-48E33F6FECF2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*" ,
"matchCriteriaId" : "1894C542-AA81-40A9-BF47-AE24C93C1ACB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*" ,
"matchCriteriaId" : "A711CDC2-412C-499D-9FA6-7F25B06267C6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*" ,
"matchCriteriaId" : "0B837BB7-5F62-4CD5-9C64-8553C28EA8A7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:sun:solaris:9.0:x86_update_2:*:*:*:*:*:*" ,
"matchCriteriaId" : "3F305CBD-4329-44DE-A85C-DE9FF371425E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*" ,
"matchCriteriaId" : "7BF232A9-9E0A-481E-918D-65FC82EF36D8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*" ,
"matchCriteriaId" : "0C0C3793-E011-4915-8F86-CE622A2D37D1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "08003947-A4F1-44AC-84C6-9F8D097EB759"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A2475113-CFE4-41C8-A86F-F2DA6548D224"
}
]
}
]
}
] ,
"references" : [
{
"url" : "http://lists.apple.com/archives/security-announce/2005/May/msg00001.html" ,
"source" : "cve@mitre.org" ,
"tags" : [
"Patch" ,
"Vendor Advisory"
]
} ,
{
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1" ,
"source" : "cve@mitre.org"
} ,
{
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1" ,
"source" : "cve@mitre.org"
} ,
{
"url" : "http://www.idefense.com/application/poi/display?id=173&type=vulnerabilities&flashstatus=true" ,
"source" : "cve@mitre.org" ,
"tags" : [
"Patch" ,
"Vendor Advisory"
]
} ,
{
"url" : "http://www.kb.cert.org/vuls/id/539110" ,
"source" : "cve@mitre.org" ,
"tags" : [
"Patch" ,
"Third Party Advisory" ,
"US Government Resource"
]
} ,
{
"url" : "http://www.us-cert.gov/cas/techalerts/TA05-136A.html" ,
"source" : "cve@mitre.org" ,
"tags" : [
"US Government Resource"
]
} ,
{
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11175" ,
"source" : "cve@mitre.org"
}
]
}
