LibTIFF Multiple Buffer Overflow Vulnerabilities

Bugtraq ID: 11406
Class: Boundary Condition Error
CVE: CVE-2004-0803
CVE-2004-0886
CVE-2004-0804
Remote: Yes
Local: Yes
Published: Oct 13 2004 12:00AM
Updated: May 05 2009 03:46PM
Credit: Discovery of these issues is credited to Chris Evans <chris@scary.beasts.org>, Matthias Clasen and Dmitry V. Levin.
Vulnerable: wxGTK2 wxGTK2 2.5 .0
wxGTK2 wxGTK2
Trustix Secure Linux 2.1
Trustix Secure Linux 2.0
Trustix Secure Linux 1.5
Trustix Secure Enterprise Linux 2.0
teTeX teTeX 1.0.7
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ Debian Linux 3.0
+ HP Secure OS software for Linux 1.0
+ HP Secure OS software for Linux 1.0
+ Immunix Immunix OS 7.0 beta
+ Immunix Immunix OS 7.0 beta
+ Immunix Immunix OS 7.0
+ Immunix Immunix OS 7.0
+ Immunix Immunix OS 6.2
+ Immunix Immunix OS 6.2
+ MandrakeSoft Corporate Server 1.0.1
+ MandrakeSoft Corporate Server 1.0.1
+ Mandriva Linux Mandrake 9.0
+ Mandriva Linux Mandrake 9.0
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ Mandriva Linux Mandrake 8.0
+ Mandriva Linux Mandrake 7.2
+ Mandriva Linux Mandrake 7.2
+ Mandriva Linux Mandrake 7.1
+ Mandriva Linux Mandrake 7.1
+ Redhat Desktop 3.0
+ Redhat Desktop 3.0
+ Redhat Enterprise Linux AS 3
+ Redhat Enterprise Linux AS 3
+ Redhat Enterprise Linux AS 2.1 IA64
+ Redhat Enterprise Linux AS 2.1 IA64
+ Redhat Enterprise Linux AS 2.1
+ Redhat Enterprise Linux AS 2.1
+ Redhat Enterprise Linux ES 3
+ Redhat Enterprise Linux ES 3
+ Redhat Enterprise Linux ES 2.1 IA64
+ Redhat Enterprise Linux ES 2.1 IA64
+ Redhat Enterprise Linux ES 2.1
+ Redhat Enterprise Linux ES 2.1
+ Redhat Enterprise Linux WS 3
+ Redhat Enterprise Linux WS 2.1 IA64
+ Redhat Enterprise Linux WS 2.1 IA64
+ Redhat Enterprise Linux WS 2.1
+ Redhat Enterprise Linux WS 2.1
+ Redhat Linux 8.0 i386
+ Redhat Linux 8.0 i386
+ Redhat Linux 8.0
+ Redhat Linux 8.0
+ Redhat Linux 7.3 i386
+ Redhat Linux 7.3 i386
+ Redhat Linux 7.3
+ Redhat Linux 7.3
+ Redhat Linux 7.2 ia64
+ Redhat Linux 7.2 ia64
+ Redhat Linux 7.2 i386
+ Redhat Linux 7.2 i386
+ Redhat Linux 7.2
+ Redhat Linux 7.2
+ Redhat Linux 7.1 ia64
+ Redhat Linux 7.1 ia64
+ Redhat Linux 7.1 i386
+ Redhat Linux 7.1 i386
+ Redhat Linux 7.1 alpha
+ Redhat Linux 7.1 alpha
+ Redhat Linux 7.1
+ Redhat Linux 7.1
+ Redhat Linux 7.0 i386
+ Redhat Linux 7.0 i386
+ Redhat Linux 7.0 alpha
+ Redhat Linux 7.0 alpha
+ Redhat Linux 7.0
+ Redhat Linux 7.0
+ Redhat Linux Advanced Work Station 2.1
+ Redhat Linux Advanced Work Station 2.1
teTeX teTeX 1.0.6
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 IA-32
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 68k
+ Debian Linux 2.2 68k
+ Debian Linux 2.2
+ Debian Linux 2.2
+ Redhat Linux 6.2 sparc
+ Redhat Linux 6.2 sparc
+ Redhat Linux 6.2 i386
+ Redhat Linux 6.2 i386
+ Redhat Linux 6.2 alpha
+ Redhat Linux 6.2 alpha
+ Redhat Linux 6.2
+ Redhat Linux 6.2
SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
SuSE Linux Enterprise Server 9
SuSE Linux Desktop 1.0
Sun Solaris 9_x86 Update 2
Sun Solaris 9_x86
Sun Solaris 9
Sun Solaris 8_x86
Sun Solaris 8_sparc
Sun Solaris 7.0_x86
Sun Solaris 7.0
Sun Solaris 10_x86
Sun Solaris 10.0_x86
Sun Solaris 10
SGI ProPack 3.0
SCO Unixware 7.1.4
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 8.2
S.u.S.E. Linux 8.1
Redhat Fedora Core2
Redhat Enterprise Linux WS 3
Redhat Enterprise Linux WS 2.1 IA64
Redhat Enterprise Linux WS 2.1
Redhat Enterprise Linux ES 3
Redhat Enterprise Linux ES 2.1 IA64
Redhat Enterprise Linux ES 2.1
Redhat Enterprise Linux AS 3
Redhat Enterprise Linux AS 2.1 IA64
Redhat Enterprise Linux AS 2.1
Redhat Desktop 3.0
Redhat Advanced Workstation for the Itanium Processor 2.1 IA64
Redhat Advanced Workstation for the Itanium Processor 2.1
PDFLib PDF Library 5.0.2
+ Gentoo Linux
Mandriva Linux Mandrake 10.0 AMD64
Mandriva Linux Mandrake 10.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
LibTIFF LibTIFF 3.6.1
+ Gentoo Linux 1.4
+ Gentoo Linux
+ OpenPKG OpenPKG Current
+ Turbolinux Turbolinux Server 10.0
+ Ubuntu Ubuntu Linux 5.0 4 powerpc
+ Ubuntu Ubuntu Linux 5.0 4 i386
+ Ubuntu Ubuntu Linux 5.0 4 amd64
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
LibTIFF LibTIFF 3.6 .0
LibTIFF LibTIFF 3.5.7
LibTIFF LibTIFF 3.5.5
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Workstation 8.0
+ Turbolinux Turbolinux Workstation 7.0
LibTIFF LibTIFF 3.5.4
LibTIFF LibTIFF 3.5.3
LibTIFF LibTIFF 3.5.2
LibTIFF LibTIFF 3.5.1
LibTIFF LibTIFF 3.4
LibTIFF LibTIFF DO NOT USE
KDE KDE 3.3.1
+ Redhat Fedora Core3
KDE KDE 3.3
KDE KDE 3.2.3
KDE KDE 3.2.2
KDE KDE 3.2.1
KDE KDE 3.2
Avaya Modular Messaging (MSS) 2.0
Avaya Modular Messaging (MSS) 1.1
Avaya Modular Messaging S3400
Avaya MN100
Avaya Intuity LX
Avaya Integrated Management
Avaya CVLAN
Apple Mac OS X Server 10.3.6
Apple Mac OS X Server 10.3.5
Apple Mac OS X Server 10.3.4
Apple Mac OS X Server 10.3.3
Apple Mac OS X Server 10.3.2
Apple Mac OS X Server 10.3.1
Apple Mac OS X Server 10.3
Apple Mac OS X Server 10.2.8
Apple Mac OS X Server 10.2.7
Apple Mac OS X Server 10.2.6
Apple Mac OS X Server 10.2.5
Apple Mac OS X Server 10.2.4
Apple Mac OS X Server 10.2.3
Apple Mac OS X Server 10.2.2
Apple Mac OS X Server 10.2.1
Apple Mac OS X Server 10.2
Apple Mac OS X 10.3.6
Apple Mac OS X 10.3.5
Apple Mac OS X 10.3.4
Apple Mac OS X 10.3.3
Apple Mac OS X 10.3.2
Apple Mac OS X 10.3.1
Apple Mac OS X 10.3
Apple Mac OS X 10.2.8
Apple Mac OS X 10.2.7
Apple Mac OS X 10.2.6
Apple Mac OS X 10.2.5
Apple Mac OS X 10.2.4
Apple Mac OS X 10.2.3
Apple Mac OS X 10.2.2
Apple Mac OS X 10.2.1
Apple Mac OS X 10.2
Not Vulnerable: PDFLib PDF Library 5.0.4 _p1
+ Gentoo Linux 1.4
+ Gentoo Linux
KDE KDE 3.3.2
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
+ Debian Linux 3.1
+ Debian Linux 3.1


 

Privacy Statement
Copyright 2010, SecurityFocus