OVAL Reference oval:org.mitre.oval:def:100117

Oval Definition:

oval:org.mitre.oval:def:100117

Revision Date:	2005-11-16	Version:	17
Title:	libtiff Directory Entry Count Integer Overflow Vulnerability
Description:	Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff 3.5.7 and 3.7.0 allows remote attackers to execute arbitrary code via a TIFF file containing a TIFF_ASCII or TIFF_UNDEFINED directory entry with a -1 entry count, which leads to a heap-based buffer overflow.
Family:	unix	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2004-1308
Platform(s):	Sun Solaris 10 Sun Solaris 7 Sun Solaris 8 Sun Solaris 9	Product(s):	libtiff
Definition Synopsis
Solaris 7 (SPARC) meets Sun Alert ID 101677 criteria. Solaris 7 Installed AND Installed architecture is sparc AND NOT Patch 118953-02 or later installed OR Solaris 7 (x86) meets Sun Alert ID 101677 criteria. Solaris 7 Installed AND ix86 architecture AND NOT Patch 118954-02 or later installed OR Solaris 8 (SPARC) meets Sun Alert ID 101677 criteria. Solaris 8 Installed AND Installed architecture is sparc AND NOT Patch 109931-10 or later installed OR Solaris 8 (x86) meets Sun Alert ID 101677 criteria. Solaris 8 Installed AND ix86 architecture AND NOT Patch 109932-10 or later installed OR Solaris 9 (SPARC) meets Sun Alert ID 101677 criteria. Solaris 9 Installed AND Installed architecture is sparc AND Solaris 9 (SPARC) supporting criteria for Sun Alert ID 101677. Solaris 9 (SPARC) supporting CDE criteria for Sun Alert ID 101677. CDE Desktop Window Manager (SUNWdtwm) installed AND NOT Patch 114219-11 or later installed OR Pkg SUNWTiff is installed OR Pkg SUNWTiffx is installed OR Solaris 9 (x86) meets Sun Alert ID 101677 criteria. Solaris 9 Installed AND ix86 architecture AND Solaris 9 (x86) supporting criteria for Sun Alert ID 101677. Solaris 9 (x86) supporting CDE criteria for Sun Alert ID 101677. CDE Desktop Window Manager (SUNWdtwm) installed AND NOT Patch 114220-11 or later installed OR Pkg SUNWTiff is installed OR Pkg SUNWTiffx is installed OR Solaris 10 (SPARC) meets Sun Alert ID 101677 criteria. Solaris 10 Installed AND Installed architecture is sparc AND Pkg SUNWTiff is installed AND NOT Patch 119900-01 or later installed OR Solaris 10 (x86) meets Sun Alert ID 101677 criteria. Solaris 10 Installed AND ix86 architecture AND Pkg SUNWTiff is installed AND NOT Patch 119901-01 or later installed

BACK