CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 0CVE-2006-3461 – Multiple libtiff flaws (CVE-2006-3460 CVE-2006-3461 CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465)
https://notcve.org/view.php?id=CVE-2006-3461
03 Aug 2006 — Heap-based buffer overflow in the PixarLog decoder in the TIFF library (libtiff) before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors. Desbordamiento de búfer basado en montón en el decodificador PixarLog en la biblioteca TIFF (libtiff) versiones anteriores a 3.8.2 podría permitir a atacantes locales o remotos dependientes del contexto ejecutar código de su elección mediante vectores desconocidos. • ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P •
CVSS: 9.8EPSS: 26%CPEs: 1EXPL: 0CVE-2006-3465 – Multiple libtiff flaws (CVE-2006-3460 CVE-2006-3461 CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465)
https://notcve.org/view.php?id=CVE-2006-3465
03 Aug 2006 — Unspecified vulnerability in the custom tag support for the TIFF library (libtiff) before 3.8.2 allows remote attackers to cause a denial of service (instability or crash) and execute arbitrary code via unknown vectors. Vulnerabilidad no especificada en el soporte de etiquetas personalizadas para la librería TIFF (libTIFF) anterior a 3.8.2 permite a atacantes remotos provocar una denegación de servicio (inestabilidad o caída) y ejecutar código de su elección a través de vectores no especificados. • ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P •
CVSS: 7.8EPSS: 2%CPEs: 1EXPL: 0CVE-2006-3463 – Multiple libtiff flaws (CVE-2006-3460 CVE-2006-3461 CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465)
https://notcve.org/view.php?id=CVE-2006-3463
03 Aug 2006 — The EstimateStripByteCounts function in TIFF library (libtiff) before 3.8.2 uses a 16-bit unsigned short when iterating over an unsigned 32-bit value, which allows context-dependent attackers to cause a denial of service via a large td_nstrips value, which triggers an infinite loop. La función EstimateStripByteCounts en TIFF library (libtiff) versiones anteriores a 3.8.2 utiliza un valor corto sin signo de 16-bit cuando itera sobre un valor sin signo de 32-bit, que permite a atacantes locales o remotos depe... • ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 0CVE-2006-3462 – Multiple libtiff flaws (CVE-2006-3460 CVE-2006-3461 CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465)
https://notcve.org/view.php?id=CVE-2006-3462
03 Aug 2006 — Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library (libtiff) before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors involving decoding large RLE images. Desbordamiento de búfer basado en pila en el descodificador NeXT RLE en la librería TIFF (libtiff) anterior a 3.8.2 podría permitir a atacantes dependientes de contexto ejecutar código de su elección mediante vectores no especificados que implican la descodificación de imágenes RLE grandes. • ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 3%CPEs: 1EXPL: 0CVE-2006-3464 – Multiple libtiff flaws (CVE-2006-3460 CVE-2006-3461 CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465)
https://notcve.org/view.php?id=CVE-2006-3464
03 Aug 2006 — TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to pass numeric range checks and possibly execute code, and trigger assert errors, via large offset values in a TIFF directory that lead to an integer overflow and other unspecified vectors involving "unchecked arithmetic operations". La libreria TIFF (libtiff) anterior a 3.8.2 permite a atacantes dependientes del contexto pasar la validación de rango de números y posiblemente ejecutar código, y disparar avisos de error, a través de valo... • ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 37%CPEs: 39EXPL: 6CVE-2006-3459 – Apple iPhone MobileSafari LibTIFF - 'browser' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-3459
03 Aug 2006 — Multiple stack-based buffer overflows in the TIFF library (libtiff) before 3.8.2, as used in Adobe Reader 9.3.0 and other products, allow context-dependent attackers to execute arbitrary code or cause a denial of service via unspecified vectors, including a large tdir_count value in the TIFFFetchShortPair function in tif_dirread.c. Múltiples desbordamientos de búfer basados en pila en la librería TIFF (libtiff)anterior a 3.8.2 permiten a atacantes locales o remotos (dependiendo del contexto) provocar una de... • https://www.exploit-db.com/exploits/16862 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 2%CPEs: 15EXPL: 1CVE-2006-2193 – tiff2pdf buffer overflow
https://notcve.org/view.php?id=CVE-2006-2193
08 Jun 2006 — Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TIFF file with a DocumentName tag that contains UTF-8 characters, which triggers the overflow when a character is sign extended to an integer that produces more digits than expected in an sprintf call. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=370355 •
CVSS: 9.8EPSS: 2%CPEs: 15EXPL: 1CVE-2006-2656 – tiffsplit (libtiff 3.8.2) - Local Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-2656
30 May 2006 — Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and earlier might might allow attackers to execute arbitrary code via a long filename. NOTE: tiffsplit is not setuid. If there is not a common scenario under which tiffsplit is called with attacker-controlled command line arguments, then perhaps this issue should not be included in CVE. Desbordamiento de búfer basado en pila en el comando tiffsplit en libtiff 3.8.2 y versiones anteriores podría permitir a atacantes ejecutar código arbitra... • https://www.exploit-db.com/exploits/1831 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 3CVE-2006-2025 – LibTiff 3.x - TIFFFetchData Integer Overflow
https://notcve.org/view.php?id=CVE-2006-2025
25 Apr 2006 — Integer overflow in the TIFFFetchData function in tif_dirread.c for libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted TIFF image. • https://www.exploit-db.com/exploits/27764 •
CVSS: 6.5EPSS: 1%CPEs: 13EXPL: 2CVE-2006-2024 – LibTiff 3.x - Multiple Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2006-2024
25 Apr 2006 — Multiple vulnerabilities in libtiff before 3.8.1 allow context-dependent attackers to cause a denial of service via a TIFF image that triggers errors in (1) the TIFFFetchAnyArray function in (a) tif_dirread.c; (2) certain "codec cleanup methods" in (b) tif_lzw.c, (c) tif_pixarlog.c, and (d) tif_zip.c; (3) and improper restoration of setfield and getfield methods in cleanup functions within (e) tif_jpeg.c, tif_pixarlog.c, (f) tif_fax3.c, and tif_zip.c. • https://www.exploit-db.com/exploits/27762 •