Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2025

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2006-2025
Last Modified 07 Mar 2011 09:34:49
Published 25 Apr 2006 07:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2006-2025

Summary

Integer overflow in the TIFFFetchData function in tif_dirread.c for libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted TIFF image.

Vulnerable Systems

Application

  • Libtiff 3.4

  • Libtiff 3.5.1

  • Libtiff 3.5.2

  • Libtiff 3.5.3

  • Libtiff 3.5.4

  • Libtiff 3.5.5

  • Libtiff 3.5.6

  • Libtiff 3.5.7

  • Libtiff 3.6.0

  • Libtiff 3.6.1

  • Libtiff 3.7.0

  • Libtiff 3.7.1

  • Libtiff 3.8.0


References

CONFIRM - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189933

MISC - http://bugzilla.remotesensing.org/show_bug.cgi?id=1102

VUPEN - ADV-2006-1563

XF - libtiff-tifffetchdata-overflow(26134)

UBUNTU - USN-277-1

TRUSTIX - 2006-0024

BID - 17732

REDHAT - RHSA-2006:0425

SUSE - SUSE-SR:2006:009

MANDRIVA - MDKSA-2006:082

GENTOO - GLSA-200605-17

DEBIAN - DSA-1054

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2006-119.htm

SUNALERT - 201332

SUNALERT - 103099

SECUNIA - 20667

SECUNIA - 20345

SECUNIA - 20210

SECUNIA - 20023

SECUNIA - 20021

SECUNIA - 19964

SECUNIA - 19949

SECUNIA - 19936

SECUNIA - 19897

SECUNIA - 19838

SGI - 20060501-01-U


Last Updated: 27 May 2016 10:42:18