Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score: 7.5
CVE Id: CVE-2006-2193
Last Modified: 17 Aug 2013 01:06:33
Published: 08 Jun 2006 03:06:00
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE

CVE-2006-2193

Summary

Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TIFF file with a DocumentName tag that contains UTF-8 characters, which triggers the overflow when a character is sign extended to an integer that produces more digits than expected in an sprintf call.

Vulnerable Systems

Application

  • Libtiff 3.4

  • Libtiff 3.5.1

  • Libtiff 3.5.2

  • Libtiff 3.5.3

  • Libtiff 3.5.4

  • Libtiff 3.5.5

  • Libtiff 3.5.6

  • Libtiff 3.5.7

  • Libtiff 3.6.0

  • Libtiff 3.6.1

  • Libtiff 3.7.0

  • Libtiff 3.7.1

  • Libtiff 3.8.0

  • Libtiff 3.8.1

  • Libtiff 3.8.2


References

DEBIAN - DSA-1091

SECUNIA - 20488

CONFIRM - http://bugzilla.remotesensing.org/show_bug.cgi?id=1196

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=370355

VUPEN - ADV-2007-4034

VUPEN - ADV-2007-3486

VUPEN - ADV-2006-2197

REDHAT - RHSA-2008:0848

SECUNIA - 31670

XF - libtiff-tiff2pdf-bo(26991)

UBUNTU - USN-289-1

BID - 18331

MANDRIVA - MDKSA-2006:102

SUNALERT - 201331

SUNALERT - 103160

GENTOO - GLSA-200607-03

SECUNIA - 27832

SECUNIA - 27222

SECUNIA - 27181

SECUNIA - 21002

SECUNIA - 20766

SECUNIA - 20693

SECUNIA - 20520

SECUNIA - 20501

SUSE - SUSE-SR:2006:014


Last Updated: 27 May 2016 10:42:22