CVSS: 7.5EPSS: 27%CPEs: 39EXPL: 6CVE-2006-3459 – Apple iPhone MobileSafari LibTIFF - 'browser' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-3459
Multiple stack-based buffer overflows in the TIFF library (libtiff) before 3.8.2, as used in Adobe Reader 9.3.0 and other products, allow context-dependent attackers to execute arbitrary code or cause a denial of service via unspecified vectors, including a large tdir_count value in the TIFFFetchShortPair function in tif_dirread.c. Múltiples desbordamientos de búfer basados en pila en la librería TIFF (libtiff)anterior a 3.8.2 permiten a atacantes locales o remotos (dependiendo del contexto) provocar una denegación de servicio y posiblemente ejecutar código de su elección a través de vectores desconocidos, incluyendo un valor grande de tdir_count en la función TIFFFetchShortPair de tif_dirread.c • https://www.exploit-db.com/exploits/16862 https://www.exploit-db.com/exploits/16868 https://www.exploit-db.com/exploits/16869 https://www.exploit-db.com/exploits/21869 https://www.exploit-db.com/exploits/21868 https://www.exploit-db.com/exploits/11787 ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html http&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 36%CPEs: 1EXPL: 0CVE-2006-3465 – Multiple libtiff flaws (CVE-2006-3460 CVE-2006-3461 CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465)
https://notcve.org/view.php?id=CVE-2006-3465
Unspecified vulnerability in the custom tag support for the TIFF library (libtiff) before 3.8.2 allows remote attackers to cause a denial of service (instability or crash) and execute arbitrary code via unknown vectors. Vulnerabilidad no especificada en el soporte de etiquetas personalizadas para la librería TIFF (libTIFF) anterior a 3.8.2 permite a atacantes remotos provocar una denegación de servicio (inestabilidad o caída) y ejecutar código de su elección a través de vectores no especificados. • ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc http://docs.info.apple.com/article.html?artnum=304063 http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html http://lwn.net/Alerts/194228 http://secunia.com/advisories/21253 http://secunia.com/advisories/21274 http://secunia.com/advisories/21290 http://secunia.com/advisories/21304 http://secunia.com/advisories/21319& •
CVSS: 7.5EPSS: 1%CPEs: 15EXPL: 1CVE-2006-2193 – tiff2pdf buffer overflow
https://notcve.org/view.php?id=CVE-2006-2193
Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TIFF file with a DocumentName tag that contains UTF-8 characters, which triggers the overflow when a character is sign extended to an integer that produces more digits than expected in an sprintf call. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=370355 http://bugzilla.remotesensing.org/show_bug.cgi?id=1196 http://lists.suse.com/archive/suse-security-announce/2006-Jun/0008.html http://secunia.com/advisories/20488 http://secunia.com/advisories/20501 http://secunia.com/advisories/20520 http://secunia.com/advisories/20693 http://secunia.com/advisories/20766 http://secunia.com/advisories/21002 http://secunia.com/advisories/27181 http://secunia.com/advisories/27222 http:&#x •
CVSS: 7.5EPSS: 2%CPEs: 15EXPL: 1CVE-2006-2656 – tiffsplit (libtiff 3.8.2) - Local Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-2656
Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and earlier might might allow attackers to execute arbitrary code via a long filename. NOTE: tiffsplit is not setuid. If there is not a common scenario under which tiffsplit is called with attacker-controlled command line arguments, then perhaps this issue should not be included in CVE. Desbordamiento de búfer basado en pila en el comando tiffsplit en libtiff 3.8.2 y versiones anteriores podría permitir a atacantes ejecutar código arbitrario a través de un nombre de archivo largo. NOTA: tiffsplit no es setuid. • https://www.exploit-db.com/exploits/1831 http://lists.suse.com/archive/suse-security-announce/2006-Jun/0008.html http://marc.info/?l=vuln-dev&m=114857412916909&w=2 http://secunia.com/advisories/20501 http://secunia.com/advisories/20520 http://secunia.com/advisories/20766 http://secunia.com/advisories/21002 http://security.gentoo.org/glsa/glsa-200607-03.xml http://www.debian.org/security/2006/dsa-1091 http://www.mandriva.com/security/advisories?name=MDKSA-2006:095 ht • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 2.1EPSS: 11%CPEs: 1EXPL: 0CVE-2006-2120
https://notcve.org/view.php?id=CVE-2006-2120
The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers to cause a denial of service (crash) via a crafted TIFF image with Yr/Yg/Yb values that exceed the YCR/YCG/YCB values, which triggers an out-of-bounds read. • ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc http://bugzilla.remotesensing.org/show_bug.cgi?id=1065 http://secunia.com/advisories/19936 http://secunia.com/advisories/19949 http://secunia.com/advisories/19964 http://secunia.com/advisories/20023 http://secunia.com/advisories/20210 http://secunia.com/advisories/20330 http://secunia.com/advisories/20667 http://support.avaya.com/elmodocs2/security/ASA-2006-119.htm http://www.debian.org/security/2006/ •