CVE-2006-2025

Published: Apr 25, 2006Modified: Apr 16, 2026

6.5

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability: 8.0 / Impact: 6.4

Source: NVD

Description

Integer overflow in the TIFFFetchData function in tif_dirread.c for libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted TIFF image.

Affected (13)

Products: Libtiff: Libtiff

1 product

Configuration A

13 vulnerable

Vulnerable Software	Affected Versions
Libtiff Libtiff	Up to 3.8.0
Libtiff Libtiff	Version 3.4
Libtiff Libtiff	Version 3.5.1
Libtiff Libtiff	Version 3.5.2
Libtiff Libtiff	Version 3.5.3
Libtiff Libtiff	Version 3.5.4
Libtiff Libtiff	Version 3.5.5
Libtiff Libtiff	Version 3.5.6
Libtiff Libtiff	Version 3.5.7
Libtiff Libtiff	Version 3.6.0
Libtiff Libtiff	Version 3.6.1
Libtiff Libtiff	Version 3.7.0
Libtiff Libtiff	Version 3.7.1

References (54)

ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc (unsafe URL)

Source: cve@mitre.org

http://bugzilla.remotesensing.org/show_bug.cgi?id=1102

Source: cve@mitre.org

ExploitPatch

http://secunia.com/advisories/19838

Source: cve@mitre.org

http://secunia.com/advisories/19897

Source: cve@mitre.org

http://secunia.com/advisories/19936

Source: cve@mitre.org

http://secunia.com/advisories/19949

Source: cve@mitre.org

http://secunia.com/advisories/19964

Source: cve@mitre.org

http://secunia.com/advisories/20021

Source: cve@mitre.org

http://secunia.com/advisories/20023

Source: cve@mitre.org

http://secunia.com/advisories/20210

Source: cve@mitre.org

http://secunia.com/advisories/20345

Source: cve@mitre.org

http://secunia.com/advisories/20667

Source: cve@mitre.org

http://sunsolve.sun.com/search/document.do?assetkey=1-26-103099-1

Source: cve@mitre.org

http://sunsolve.sun.com/search/document.do?assetkey=1-66-201332-1

Source: cve@mitre.org

http://support.avaya.com/elmodocs2/security/ASA-2006-119.htm

Source: cve@mitre.org

http://www.debian.org/security/2006/dsa-1054

Source: cve@mitre.org

http://www.gentoo.org/security/en/glsa/glsa-200605-17.xml

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDKSA-2006:082

Source: cve@mitre.org

http://www.novell.com/linux/security/advisories/2006_04_28.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2006-0425.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/17732

Source: cve@mitre.org

http://www.trustix.org/errata/2006/0024

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/1563

Source: cve@mitre.org

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189933

Source: cve@mitre.org

ExploitPatch

https://exchange.xforce.ibmcloud.com/vulnerabilities/26134

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10593

Source: cve@mitre.org

https://usn.ubuntu.com/277-1/

Source: cve@mitre.org

ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc (unsafe URL)

Source: af854a3a-2127-422b-91ae-364da2661108

http://bugzilla.remotesensing.org/show_bug.cgi?id=1102

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

http://secunia.com/advisories/19838

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/19897

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/19936

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/19949

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/19964

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/20021

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/20023

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/20210

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/20345

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/20667

Source: af854a3a-2127-422b-91ae-364da2661108

http://sunsolve.sun.com/search/document.do?assetkey=1-26-103099-1

Source: af854a3a-2127-422b-91ae-364da2661108

http://sunsolve.sun.com/search/document.do?assetkey=1-66-201332-1

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.avaya.com/elmodocs2/security/ASA-2006-119.htm

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2006/dsa-1054

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.gentoo.org/security/en/glsa/glsa-200605-17.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDKSA-2006:082

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.novell.com/linux/security/advisories/2006_04_28.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2006-0425.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/17732

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.trustix.org/errata/2006/0024

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2006/1563

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189933

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

https://exchange.xforce.ibmcloud.com/vulnerabilities/26134

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10593

Source: af854a3a-2127-422b-91ae-364da2661108

https://usn.ubuntu.com/277-1/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.