CVE-2004-1307

Name of the Vulnerable Software and Affected Versions: libtiff version 3.6.1

Description: The issue is related to an integer overflow in the TIFFFetchStripThing function, which can be exploited by remote attackers using a specially crafted TIFF file. This file would have the STRIPOFFSETS flag set and contain a large number of strips, leading to the allocation of a zero-byte buffer and resulting in a heap-based buffer overflow. This could potentially allow the execution of arbitrary code.

Recommendations: For libtiff version 3.6.1, consider updating to a newer version that addresses this issue, as using a version with this flaw could lead to arbitrary code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.