Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0405

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-0405
Last Modified 07 Mar 2011 12:00:00
Published 24 Jan 2006 09:03:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0405

Summary

The TIFFFetchShortPair function in tif_dirread.c in libtiff 3.8.0 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers a NULL pointer dereference, possibly due to changes in type declarations and/or the TIFFVSetField function.

Vulnerable Systems

Application

  • Libtiff 3.8.0


References

XF - libtiff-tiffvsetfield-dos(24275)

VUPEN - ADV-2006-0302

BID - 18172

GENTOO - GLSA-200605-17

SECUNIA - 20345

SECUNIA - 18587

MISC - http://bugzilla.remotesensing.org/show_bug.cgi?id=1034

MISC - http://bugzilla.remotesensing.org/show_bug.cgi?id=1029


Last Updated: 27 May 2016 10:41:38