|
|
LibTIFF Multiple Buffer Overflow Vulnerabilities
|
Bugtraq ID:
|
11406
|
|
Class:
|
Boundary Condition Error
|
|
CVE:
|
CAN-2004-0803
CAN-2004-0886
CAN-2004-0804
|
|
Remote:
|
Yes
|
|
Local:
|
Yes
|
|
Published:
|
Oct 13 2004 12:00AM
|
|
Updated:
|
Oct 13 2004 12:00AM
|
|
Credit:
|
Discovery of these issues is credited to Chris Evans <chris@scary.beasts.org>, Matthias Clasen and Dmitry V. Levin.
|
|
Vulnerable:
|
wxGTK2 wxGTK2 2.5 .0
wxGTK2 wxGTK2
Trustix Secure Linux 2.1
Trustix Secure Linux 2.0
Trustix Secure Linux 1.5
Trustix Secure Enterprise Linux 2.0
teTeX teTeX 1.0.7
+
Conectiva Linux 8.0
+
Conectiva Linux 8.0
+
Conectiva Linux 7.0
+
Conectiva Linux 7.0
+
Conectiva Linux 6.0
+
Conectiva Linux 6.0
+
Debian Linux 3.0 sparc
+
Debian Linux 3.0 sparc
+
Debian Linux 3.0 s/390
+
Debian Linux 3.0 s/390
+
Debian Linux 3.0 ppc
+
Debian Linux 3.0 ppc
+
Debian Linux 3.0 mipsel
+
Debian Linux 3.0 mipsel
+
Debian Linux 3.0 mips
+
Debian Linux 3.0 mips
+
Debian Linux 3.0 m68k
+
Debian Linux 3.0 m68k
+
Debian Linux 3.0 ia-64
+
Debian Linux 3.0 ia-64
+
Debian Linux 3.0 ia-32
+
Debian Linux 3.0 ia-32
+
Debian Linux 3.0 hppa
+
Debian Linux 3.0 hppa
+
Debian Linux 3.0 arm
+
Debian Linux 3.0 arm
+
Debian Linux 3.0 alpha
+
Debian Linux 3.0 alpha
+
Debian Linux 3.0
+
Debian Linux 3.0
+
HP Secure OS software for Linux 1.0
+
HP Secure OS software for Linux 1.0
+
Immunix Immunix OS 7.0 beta
+
Immunix Immunix OS 7.0 beta
+
Immunix Immunix OS 7.0
+
Immunix Immunix OS 7.0
+
Immunix Immunix OS 6.2
+
Immunix Immunix OS 6.2
+
MandrakeSoft Corporate Server 1.0.1
+
MandrakeSoft Corporate Server 1.0.1
+
MandrakeSoft Linux Mandrake 9.0
+
MandrakeSoft Linux Mandrake 9.0
+
MandrakeSoft Linux Mandrake 8.2 ppc
+
MandrakeSoft Linux Mandrake 8.2 ppc
+
MandrakeSoft Linux Mandrake 8.2
+
MandrakeSoft Linux Mandrake 8.2
+
MandrakeSoft Linux Mandrake 8.1 ia64
+
MandrakeSoft Linux Mandrake 8.1 ia64
+
MandrakeSoft Linux Mandrake 8.1
+
MandrakeSoft Linux Mandrake 8.1
+
MandrakeSoft Linux Mandrake 8.0 ppc
+
MandrakeSoft Linux Mandrake 8.0 ppc
+
MandrakeSoft Linux Mandrake 8.0
+
MandrakeSoft Linux Mandrake 8.0
+
MandrakeSoft Linux Mandrake 7.2
+
MandrakeSoft Linux Mandrake 7.2
+
MandrakeSoft Linux Mandrake 7.1
+
MandrakeSoft Linux Mandrake 7.1
+
RedHat Desktop 3.0
+
RedHat Desktop 3.0
+
RedHat Enterprise Linux AS 3
+
RedHat Enterprise Linux AS 3
+
RedHat Enterprise Linux AS 2.1 IA64
+
RedHat Enterprise Linux AS 2.1 IA64
+
RedHat Enterprise Linux AS 2.1
+
RedHat Enterprise Linux AS 2.1
+
RedHat Enterprise Linux ES 3
+
RedHat Enterprise Linux ES 3
+
RedHat Enterprise Linux ES 2.1 IA64
+
RedHat Enterprise Linux ES 2.1 IA64
+
RedHat Enterprise Linux ES 2.1
+
RedHat Enterprise Linux ES 2.1
+
RedHat Enterprise Linux WS 3
+
RedHat Enterprise Linux WS 2.1 IA64
+
RedHat Enterprise Linux WS 2.1 IA64
+
RedHat Enterprise Linux WS 2.1
+
RedHat Enterprise Linux WS 2.1
+
RedHat Linux 8.0 i386
+
RedHat Linux 8.0 i386
+
RedHat Linux 8.0
+
RedHat Linux 8.0
+
RedHat Linux 7.3 i386
+
RedHat Linux 7.3 i386
+
RedHat Linux 7.3
+
RedHat Linux 7.3
+
RedHat Linux 7.2 ia64
+
RedHat Linux 7.2 ia64
+
RedHat Linux 7.2 i386
+
RedHat Linux 7.2 i386
+
RedHat Linux 7.2
+
RedHat Linux 7.2
+
RedHat Linux 7.1 ia64
+
RedHat Linux 7.1 ia64
+
RedHat Linux 7.1 i386
+
RedHat Linux 7.1 i386
+
RedHat Linux 7.1 alpha
+
RedHat Linux 7.1 alpha
+
RedHat Linux 7.1
+
RedHat Linux 7.1
+
RedHat Linux 7.0 i386
+
RedHat Linux 7.0 i386
+
RedHat Linux 7.0 alpha
+
RedHat Linux 7.0 alpha
+
RedHat Linux 7.0
+
RedHat Linux 7.0
+
RedHat Linux Advanced Work Station 2.1
+
RedHat Linux Advanced Work Station 2.1
teTeX teTeX 1.0.6
+
Debian Linux 2.2 sparc
+
Debian Linux 2.2 sparc
+
Debian Linux 2.2 powerpc
+
Debian Linux 2.2 powerpc
+
Debian Linux 2.2 IA-32
+
Debian Linux 2.2 arm
+
Debian Linux 2.2 arm
+
Debian Linux 2.2 alpha
+
Debian Linux 2.2 alpha
+
Debian Linux 2.2 68k
+
Debian Linux 2.2 68k
+
Debian Linux 2.2
+
Debian Linux 2.2
+
RedHat Linux 6.2 sparc
+
RedHat Linux 6.2 sparc
+
RedHat Linux 6.2 i386
+
RedHat Linux 6.2 i386
+
RedHat Linux 6.2 alpha
+
RedHat Linux 6.2 alpha
+
RedHat Linux 6.2
+
RedHat Linux 6.2
Sun Solaris 9_x86 Update 2
Sun Solaris 9_x86
Sun Solaris 9
Sun Solaris 8_x86
Sun Solaris 8
Sun Solaris 7.0_x86
Sun Solaris 7.0
Sun Solaris 10_x86
Sun Solaris 10.0_x86
Sun Solaris 10
SGI ProPack 3.0
SCO Unixware 7.1.4
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 8.2
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Enterprise Server 8
S.u.S.E. Linux Desktop 1.0
S.u.S.E. Linux 8.1
RedHat Fedora Core2
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Enterprise Linux AS 3
RedHat Enterprise Linux AS 2.1 IA64
RedHat Enterprise Linux AS 2.1
RedHat Desktop 3.0
RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
RedHat Advanced Workstation for the Itanium Processor 2.1
PDFLib PDF Library 5.0.2
+
Gentoo Linux
MandrakeSoft Linux Mandrake 10.0 AMD64
MandrakeSoft Linux Mandrake 10.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
LibTIFF LibTIFF 3.6.1
+
Gentoo Linux 1.4
+
Gentoo Linux
+
OpenPKG OpenPKG Current
+
Turbolinux Turbolinux Server 10.0
+
Ubuntu Ubuntu Linux 5.0 4 powerpc
+
Ubuntu Ubuntu Linux 5.0 4 i386
+
Ubuntu Ubuntu Linux 5.0 4 amd64
+
Ubuntu Ubuntu Linux 4.1 ppc
+
Ubuntu Ubuntu Linux 4.1 ia64
+
Ubuntu Ubuntu Linux 4.1 ia32
LibTIFF LibTIFF 3.6 .0
LibTIFF LibTIFF 3.5.7
LibTIFF LibTIFF 3.5.5
+
Debian Linux 3.0 sparc
+
Debian Linux 3.0 s/390
+
Debian Linux 3.0 ppc
+
Debian Linux 3.0 mipsel
+
Debian Linux 3.0 mips
+
Debian Linux 3.0 m68k
+
Debian Linux 3.0 ia-64
+
Debian Linux 3.0 ia-32
+
Debian Linux 3.0 hppa
+
Debian Linux 3.0 arm
+
Debian Linux 3.0 alpha
+
Debian Linux 3.0
+
Turbolinux Turbolinux Server 7.0
+
Turbolinux Turbolinux Workstation 8.0
+
Turbolinux Turbolinux Workstation 7.0
LibTIFF LibTIFF 3.5.4
LibTIFF LibTIFF 3.5.3
LibTIFF LibTIFF 3.5.2
LibTIFF LibTIFF 3.5.1
LibTIFF LibTIFF 3.4
KDE KDE 3.3.1
+
RedHat Fedora Core3
KDE KDE 3.3
KDE KDE 3.2.3
KDE KDE 3.2.2
KDE KDE 3.2.1
KDE KDE 3.2
Avaya Modular Messaging (MSS) 2.0
Avaya Modular Messaging (MSS) 1.1
Avaya Modular Messaging S3400
Avaya MN100
Avaya Intuity LX
Avaya Integrated Management
Avaya CVLAN
Apple Mac OS X Server 10.3.6
Apple Mac OS X Server 10.3.5
Apple Mac OS X Server 10.3.4
Apple Mac OS X Server 10.3.3
Apple Mac OS X Server 10.3.2
Apple Mac OS X Server 10.3.1
Apple Mac OS X Server 10.3
Apple Mac OS X Server 10.2.8
Apple Mac OS X Server 10.2.7
Apple Mac OS X Server 10.2.6
Apple Mac OS X Server 10.2.5
Apple Mac OS X Server 10.2.4
Apple Mac OS X Server 10.2.3
Apple Mac OS X Server 10.2.2
Apple Mac OS X Server 10.2.1
Apple Mac OS X Server 10.2
Apple Mac OS X 10.3.6
Apple Mac OS X 10.3.5
Apple Mac OS X 10.3.4
Apple Mac OS X 10.3.3
Apple Mac OS X 10.3.2
Apple Mac OS X 10.3.1
Apple Mac OS X 10.3
Apple Mac OS X 10.2.8
Apple Mac OS X 10.2.7
Apple Mac OS X 10.2.6
Apple Mac OS X 10.2.5
Apple Mac OS X 10.2.4
Apple Mac OS X 10.2.3
Apple Mac OS X 10.2.2
Apple Mac OS X 10.2.1
Apple Mac OS X 10.2
|
|
|
|
Not Vulnerable:
|
PDFLib PDF Library 5.0.4 _p1
+
Gentoo Linux 1.4
+
Gentoo Linux
KDE KDE 3.3.2
+
Debian Linux 3.1 sparc
+
Debian Linux 3.1 s/390
+
Debian Linux 3.1 s/390
+
Debian Linux 3.1 s/390
+
Debian Linux 3.1 ppc
+
Debian Linux 3.1 ppc
+
Debian Linux 3.1 ppc
+
Debian Linux 3.1 mipsel
+
Debian Linux 3.1 mipsel
+
Debian Linux 3.1 mipsel
+
Debian Linux 3.1 mips
+
Debian Linux 3.1 mips
+
Debian Linux 3.1 mips
+
Debian Linux 3.1 m68k
+
Debian Linux 3.1 m68k
+
Debian Linux 3.1 m68k
+
Debian Linux 3.1 ia-64
+
Debian Linux 3.1 ia-64
+
Debian Linux 3.1 ia-64
+
Debian Linux 3.1 ia-32
+
Debian Linux 3.1 ia-32
+
Debian Linux 3.1 ia-32
+
Debian Linux 3.1 hppa
+
Debian Linux 3.1 hppa
+
Debian Linux 3.1 hppa
+
Debian Linux 3.1 arm
+
Debian Linux 3.1 arm
+
Debian Linux 3.1 arm
+
Debian Linux 3.1 amd64
+
Debian Linux 3.1 amd64
+
Debian Linux 3.1 amd64
+
Debian Linux 3.1 alpha
+
Debian Linux 3.1 alpha
+
Debian Linux 3.1 alpha
+
Debian Linux 3.1
+
Debian Linux 3.1
+
Debian Linux 3.1
|
|
|
