CVE-2004-0929

Published: Oct 26, 2004

Modified: Aug 8, 2024

PUBLISHED

Description

Heap-based buffer overflow in the OJPEGVSetField function in tif_ojpeg.c for libtiff 3.6.1 and earlier, when compiled with the OJPEG_SUPPORT (old JPEG support) option, allows remote attackers to execute arbitrary code via a malformed TIFF image.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20041022 Novell SuSe Linux LibTIFF Heap Overflow Vulnerability

third-party-advisory

x_refsource_IDEFENSE

SUSE-SA:2004:038

vendor-advisory

x_refsource_SUSE

libtiff-ojpegvsetfield-bo(17843)

vdb-entry

x_refsource_XF

VU#129910

third-party-advisory

x_refsource_CERT-VN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2004-0929

Description

Affected Products

References