Page 22 of 126 results (0.010 seconds)

CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0

CVE-2006-3464 – Multiple libtiff flaws (CVE-2006-3460 CVE-2006-3461 CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465)

https://notcve.org/view.php?id=CVE-2006-3464

TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to pass numeric range checks and possibly execute code, and trigger assert errors, via large offset values in a TIFF directory that lead to an integer overflow and other unspecified vectors involving "unchecked arithmetic operations". La libreria TIFF (libtiff) anterior a 3.8.2 permite a atacantes dependientes del contexto pasar la validación de rango de números y posiblemente ejecutar código, y disparar avisos de error, a través de valores de offset en un directorio TIFF que conduce a un desbordamiento de entero y otros vectores no especificados afectando a "operaciones aritméticas no validadas". • ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc http://lwn.net/Alerts/194228 http://secunia.com/advisories/21274 http://secunia.com/advisories/21290 http://secunia.com/advisories/21304 http://secunia.com/advisories/21319 http://secunia.com/advisories/21334 http://secunia.com/advisories/21338 http://secunia.com/advisories/21346 http://secunia.com/advisories/21370 http://secunia • CWE-189: Numeric Errors •

CVSS: 7.5EPSS: 3%CPEs: 1EXPL: 0

CVE-2006-3461 – Multiple libtiff flaws (CVE-2006-3460 CVE-2006-3461 CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465)

https://notcve.org/view.php?id=CVE-2006-3461

Heap-based buffer overflow in the PixarLog decoder in the TIFF library (libtiff) before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors. Desbordamiento de búfer basado en montón en el decodificador PixarLog en la biblioteca TIFF (libtiff) versiones anteriores a 3.8.2 podría permitir a atacantes locales o remotos dependientes del contexto ejecutar código de su elección mediante vectores desconocidos. • ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html http://lwn.net/Alerts/194228 http://secunia.com/advisories/21253 http://secunia.com/advisories/21274 http://secunia.com/advisories/21290 http://secunia.com/advisories/21304 http://secunia.com/advisories/21319 http://secunia.com/advisories/21334 http://secunia& •

CVSS: 7.5EPSS: 3%CPEs: 1EXPL: 0

CVE-2006-3462 – Multiple libtiff flaws (CVE-2006-3460 CVE-2006-3461 CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465)

https://notcve.org/view.php?id=CVE-2006-3462

Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library (libtiff) before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors involving decoding large RLE images. Desbordamiento de búfer basado en pila en el descodificador NeXT RLE en la librería TIFF (libtiff) anterior a 3.8.2 podría permitir a atacantes dependientes de contexto ejecutar código de su elección mediante vectores no especificados que implican la descodificación de imágenes RLE grandes. • ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc http://docs.info.apple.com/article.html?artnum=304063 http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html http://lwn.net/Alerts/194228 http://secunia.com/advisories/21253 http://secunia.com/advisories/21274 http://secunia.com/advisories/21290 http://secunia.com/advisories/21304 http://secunia.com/advisories/21319& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 27%CPEs: 39EXPL: 6

CVE-2006-3459 – Apple iPhone MobileSafari LibTIFF - 'browser' Remote Buffer Overflow

https://notcve.org/view.php?id=CVE-2006-3459

Multiple stack-based buffer overflows in the TIFF library (libtiff) before 3.8.2, as used in Adobe Reader 9.3.0 and other products, allow context-dependent attackers to execute arbitrary code or cause a denial of service via unspecified vectors, including a large tdir_count value in the TIFFFetchShortPair function in tif_dirread.c. Múltiples desbordamientos de búfer basados en pila en la librería TIFF (libtiff)anterior a 3.8.2 permiten a atacantes locales o remotos (dependiendo del contexto) provocar una denegación de servicio y posiblemente ejecutar código de su elección a través de vectores desconocidos, incluyendo un valor grande de tdir_count en la función TIFFFetchShortPair de tif_dirread.c • https://www.exploit-db.com/exploits/16862 https://www.exploit-db.com/exploits/16868 https://www.exploit-db.com/exploits/16869 https://www.exploit-db.com/exploits/21869 https://www.exploit-db.com/exploits/21868 https://www.exploit-db.com/exploits/11787 ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html http&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 36%CPEs: 1EXPL: 0

CVE-2006-3465 – Multiple libtiff flaws (CVE-2006-3460 CVE-2006-3461 CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465)

https://notcve.org/view.php?id=CVE-2006-3465

Unspecified vulnerability in the custom tag support for the TIFF library (libtiff) before 3.8.2 allows remote attackers to cause a denial of service (instability or crash) and execute arbitrary code via unknown vectors. Vulnerabilidad no especificada en el soporte de etiquetas personalizadas para la librería TIFF (libTIFF) anterior a 3.8.2 permite a atacantes remotos provocar una denegación de servicio (inestabilidad o caída) y ejecutar código de su elección a través de vectores no especificados. • ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc http://docs.info.apple.com/article.html?artnum=304063 http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html http://lwn.net/Alerts/194228 http://secunia.com/advisories/21253 http://secunia.com/advisories/21274 http://secunia.com/advisories/21290 http://secunia.com/advisories/21304 http://secunia.com/advisories/21319& •