Published: 03/08/2006 Updated: 11/10/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 780

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Multiple stack-based buffer overflows in the TIFF library (libtiff) prior to 3.8.2, as used in Adobe Reader 9.3.0 and other products, allow context-dependent malicious users to execute arbitrary code or cause a denial of service via unspecified vectors, including a large tdir_count value in the TIFFFetchShortPair function in tif_dirread.c.

Vulnerable Product	Search on Vulmon	Subscribe to Product
libtiff libtiff 3.5.7
libtiff libtiff 3.5.4
libtiff libtiff 3.4
libtiff libtiff 3.6.1
libtiff libtiff 3.7.0
libtiff libtiff 3.5.1
libtiff libtiff 3.5.5
libtiff libtiff 3.5.6
libtiff libtiff 3.6.0
libtiff libtiff 3.5.2
libtiff libtiff 3.7.1
libtiff libtiff 3.7.3
libtiff libtiff 3.7.4
libtiff libtiff
libtiff libtiff 3.5.3
libtiff libtiff 3.8.0
libtiff libtiff 3.7.2

Tavis Ormandy discovered that the TIFF library did not sufficiently check handled images for validity By tricking an user or an automated system into processing a specially crafted TIFF image, an attacker could exploit these weaknesses to execute arbitrary code with the target application’s privileges ...

Tavis Ormandy of the Google Security Team discovered several problems in the TIFF library The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2006-3459 Several stack-buffer overflows have been discovered CVE-2006-3460 A heap overflow vulnerability in the JPEG decoder may overrun a buffer with more da ...

## # $Id: mobilemail_libtiffrb 10394 2010-09-20 08:06:27Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' cl ...

## # $Id: safari_libtiffrb 10394 2010-09-20 08:06:27Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class ...

## # $Id: mobilemail_libtiffrb 15950 2012-10-09 18:31:08Z rapid7 $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # web site for more information on licensing and terms of use # metasploitcom/ ## require 'msf/core' class Metasploit3 & ...

## # $Id: safari_libtiffrb 15950 2012-10-09 18:31:08Z rapid7 $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # web site for more information on licensing and terms of use # metasploitcom/ ## require 'msf/core' class Metasploit3 < ...

## # $Id: safari_libtiffrb 10394 2010-09-20 08:06:27Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class ...

__doc__=''' Title: Adobe PDF LibTiff Integer Overflow Code Execution Product: Adobe Acrobat Reader Version: <=830, <=930 CVE: 2010-0188 Author: villy (villys777 at gmailcom) Site: bugix-securityblogspotcom/ Tested : succesfully tested on Adobe Reader 91/92/93 OS Windows XP(SP2,SP3) ------------------------------------------ ...

CVE-2006-3459

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect