CVE-2006-3356

Published: Jul 6, 2006Modified: Apr 16, 2026

2.6

Vector

AV:N/AC:H/Au:N/C:N/I:N/A:P

Exploitability: 4.9 / Impact: 2.9

Source: NVD

Description

The TIFFFetchAnyArray function in ImageIO in Apple OS X 10.4.7 and earlier allows remote user-assisted attackers to cause a denial of service (application crash) via an invalid tag value in a TIFF image, possibly triggering a null dereference. NOTE: This is a different issue than CVE-2006-1469.

Affected (2)

Products: Apple: Mac Os X, Mac Os X Server

2 products

Mac Os X Server

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Apple Mac Os X	Up to 10.4.7
Apple Mac Os X Server	Up to 10.4.7

References (6)

http://www.security-protocols.com/sp-x31-advisory.php

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/2606

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/27482

Source: cve@mitre.org

http://www.security-protocols.com/sp-x31-advisory.php

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2006/2606

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/27482

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.