CVE-2006-2024 – LibTiff 3.x - Multiple Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2006-2024
Multiple vulnerabilities in libtiff before 3.8.1 allow context-dependent attackers to cause a denial of service via a TIFF image that triggers errors in (1) the TIFFFetchAnyArray function in (a) tif_dirread.c; (2) certain "codec cleanup methods" in (b) tif_lzw.c, (c) tif_pixarlog.c, and (d) tif_zip.c; (3) and improper restoration of setfield and getfield methods in cleanup functions within (e) tif_jpeg.c, tif_pixarlog.c, (f) tif_fax3.c, and tif_zip.c. • https://www.exploit-db.com/exploits/27762 ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc http://bugzilla.remotesensing.org/show_bug.cgi?id=1102 http://secunia.com/advisories/19838 http://secunia.com/advisories/19851 http://secunia.com/advisories/19897 http://secunia.com/advisories/19936 http://secunia.com/advisories/19949 http://secunia.com/advisories/19964 http://secunia.com/advisories/20021 http://secunia.com/advisories/20023 http://secunia.com •
CVE-2006-2025 – LibTiff 3.x - TIFFFetchData Integer Overflow
https://notcve.org/view.php?id=CVE-2006-2025
Integer overflow in the TIFFFetchData function in tif_dirread.c for libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted TIFF image. • https://www.exploit-db.com/exploits/27764 ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc http://bugzilla.remotesensing.org/show_bug.cgi?id=1102 http://secunia.com/advisories/19838 http://secunia.com/advisories/19897 http://secunia.com/advisories/19936 http://secunia.com/advisories/19949 http://secunia.com/advisories/19964 http://secunia.com/advisories/20021 http://secunia.com/advisories/20023 http://secunia.com/advisories/20210 http://secunia.com •
CVE-2006-2026 – LibTiff 3.x - Double-Free Memory Corruption
https://notcve.org/view.php?id=CVE-2006-2026
Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers errors related to "setfield/getfield methods in cleanup functions." • https://www.exploit-db.com/exploits/27765 ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc http://bugzilla.remotesensing.org/show_bug.cgi?id=1102 http://secunia.com/advisories/19838 http://secunia.com/advisories/19897 http://secunia.com/advisories/19936 http://secunia.com/advisories/19949 http://secunia.com/advisories/19964 http://secunia.com/advisories/20021 http://secunia.com/advisories/20023 http://secunia.com/advisories/20210 http://secunia.com • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2006-0405
https://notcve.org/view.php?id=CVE-2006-0405
The TIFFFetchShortPair function in tif_dirread.c in libtiff 3.8.0 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers a NULL pointer dereference, possibly due to changes in type declarations and/or the TIFFVSetField function. La función TIFFFetchShortPair en tif_dirread.c en libtiff 3.8.0 permite a atacantes remotos causar una denegación de servicio (caída de aplicación) mediante una imagen TIFF artesanal que dispara una desreferencia a puntero NULO, posiblemente debido a cambios en declaraciones de tipos y/o la función TIFFVSetField. • http://bugzilla.remotesensing.org/show_bug.cgi?id=1029 http://bugzilla.remotesensing.org/show_bug.cgi?id=1034 http://secunia.com/advisories/18587 http://secunia.com/advisories/20345 http://www.gentoo.org/security/en/glsa/glsa-200605-17.xml http://www.securityfocus.com/bid/18172 http://www.vupen.com/english/advisories/2006/0302 https://exchange.xforce.ibmcloud.com/vulnerabilities/24275 •
CVE-2005-2452
https://notcve.org/view.php?id=CVE-2005-2452
libtiff up to 3.7.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image header with a zero "YCbCr subsampling" value, which causes a divide-by-zero error in (1) tif_strip.c and (2) tif_tile.c, a different vulnerability than CVE-2004-0804. libtiff hasta 3.7.0 permite que atacantes remotos causen una denegación de servicio (caída de la aplicación) mediante un encabezamiento de imagen TIFF con un valor cero para "YCbCr subsampling", lo que causa un error de división por cero en (1) tif_strip.c y (2) tif_tile.c, una vulnerabilidad diferente de CVE-2004-0804. • http://secunia.com/advisories/16266 http://secunia.com/advisories/16486 http://www.mandriva.com/security/advisories?name=MDKSA-2005:142 http://www.mandriva.com/security/advisories?name=MDKSA-2005:143 http://www.mandriva.com/security/advisories?name=MDKSA-2005:144 http://www.securityfocus.com/bid/14417 https://bugzilla.ubuntu.com/show_bug.cgi?id=12008 https://usn.ubuntu.com/156-1 •