CVE-2004-0804

CVSS V2 Medium 4.3 CVSS V3 None
Description
Vulnerability in tif_dirread.c for libtiff allows remote attackers to cause a denial of service (application crash) via a TIFF image that causes a divide-by-zero error when the number of row bytes is zero, a different vulnerability than CVE-2005-2452.
Overview
  • CVE ID
  • CVE-2004-0804
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2004-11-03T05:00:00
  • Last Modified Date
  • 2019-12-31T19:18:24
Weakness Enumerations
CWE URL
CWE-369 http://cwe.mitre.org/data/definitions/369.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:* 1 OR 3.7.0
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:M/Au:N/C:N/I:N/A:P
  • Access Vector
  • NETWORK
  • Access Compatibility
  • MEDIUM
  • Authentication
  • NONE
  • Confidentiality Impact
  • NONE
  • Integrity Impact
  • NONE
  • Availability Impact
  • PARTIAL
  • Base Score
  • 4.3
  • Severity
  • MEDIUM
  • Exploitability Score
  • 8.6
  • Impact Score
  • 2.9
References
Reference URL Reference Tags
http://www.debian.org/security/2004/dsa-567 Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2004-577.html Patch Vendor Advisory
http://bugzilla.remotesensing.org/show_bug.cgi?id=111 Issue Tracking
http://www.kde.org/info/security/advisory-20041209-2.txt Third Party Advisory
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000888 Broken Link
http://www.redhat.com/support/errata/RHSA-2005-354.html Not Applicable
http://www.novell.com/linux/security/advisories/2004_38_libtiff.html Broken Link
http://www.kb.cert.org/vuls/id/555304 Third Party Advisory US Government Resource
http://www.redhat.com/support/errata/RHSA-2005-021.html Not Applicable
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1 Broken Link
http://www.mandriva.com/security/advisories?name=MDKSA-2004:109 Broken Link
http://www.mandriva.com/security/advisories?name=MDKSA-2005:052 Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1 Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/17755 Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11711 Tool Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100115 Tool Signature
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2004-0804
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0804
History
Created Old Value New Value Data Type Notes
2022-05-10 16:54:54 Added to TrackCVE