| Revision Date: | 2013-04-29 | Version: | 11 |
| Title: | Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TIFF file with a DocumentName tag that contains UTF-8 characters, which triggers the overflow when a character is sign extended to an integer that produces more digits than expected in an sprintf call. |
| Description: | Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TIFF file with a DocumentName tag that contains UTF-8 characters, which triggers the overflow when a character is sign extended to an integer that produces more digits than expected in an sprintf call. |
| Family: | unix | Class: | vulnerability |
| Status: | ACCEPTED | Reference(s): | CVE-2006-2193
|
| Platform(s): | CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 4
| Product(s): | |
| Definition Synopsis |
| RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4
OR CentOS Linux 4.x
OR Oracle Linux 4.x
AND Configuration section
libtiff is earlier than 0:3.6.1-12.el4_7.2
OR libtiff-devel is earlier than 0:3.6.1-12.el4_7.2
|