CVE-2004-0803
tiff - heap overflows
EPSS 17.9%
Description
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.
How to fix CVE-2004-0803
To remediate CVE-2004-0803, upgrade the affected package to a fixed version below.
- Debian/tiff: upgrade to 3.6.1-2 or later
- Debian/tiff: upgrade to 3.5.5-6woody1 or later
Is CVE-2004-0803 being exploited?
Moderate: EPSS is 17.9%. Track this CVE, but it is not at the top of the prioritisation list.
Affected packages (2)
- Debian/tiff: from 0, < 3.6.1-2
- Debian/tiff: from 0, < 3.5.5-6woody1