Vulnerability Name: | CVE-2006-2025 (CCN-26134)
Assigned: | 2006-03-03
Published: | 2006-03-03
Updated: | 2018-10-03
Summary: | Integer overflow in the TIFFFetchData function in tif_dirread.c for libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted TIFF image.
CVSS v3 Severity: | 4.8 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L)
CVSS v2 Severity: | 6.5 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P)
Vulnerability Type: | CWE-Other
Vulnerability Consequences: | Gain Access
References: |
Source: SGI Type: UNKNOWN 20060501-01-U
Source: MISC Type: Exploit, Patch http://bugzilla.remotesensing.org/show_bug.cgi?id=1102
Source: MITRE Type: CNA CVE-2006-2025
Source: CCN Type: RHSA-2006-0425 libtiff security update
Source: CCN Type: RHSA-2006-0648 kdegraphics security update
Source: CCN Type: SA19838 LibTIFF Multiple Vulnerabilities
Source: SECUNIA Type: UNKNOWN 19838
Source: SECUNIA Type: UNKNOWN 19897
Source: SECUNIA Type: UNKNOWN 19936
Source: SECUNIA Type: UNKNOWN 19949
Source: SECUNIA Type: UNKNOWN 19964
Source: SECUNIA Type: UNKNOWN 20021
Source: SECUNIA Type: UNKNOWN 20023
Source: SECUNIA Type: UNKNOWN 20210
Source: SECUNIA Type: UNKNOWN 20345
Source: CCN Type: SA20667 Avaya Products LibTIFF Multiple Vulnerabilities
Source: SECUNIA Type: UNKNOWN 20667
Source: SUNALERT Type: UNKNOWN 103099
Source: SUNALERT Type: UNKNOWN 201332
Source: CONFIRM Type: UNKNOWN http://support.avaya.com/elmodocs2/security/ASA-2006-119.htm
Source: CCN Type: ASA-2006-119 libtiff security update (RHSA-2006-0425)
Source: DEBIAN Type: UNKNOWN DSA-1054
Source: DEBIAN Type: DSA-1054 tiff -- several vulnerabilities
Source: CCN Type: GLSA-200605-17 libTIFF: Multiple vulnerabilities
Source: GENTOO Type: UNKNOWN GLSA-200605-17
Source: MANDRIVA Type: UNKNOWN MDKSA-2006:082
Source: SUSE Type: UNKNOWN SUSE-SR:2006:009
Source: REDHAT Type: UNKNOWN RHSA-2006:0425
Source: CCN Type: LibTIFF Web page Changes in TIFF v3.8.1
Source: BID Type: UNKNOWN 17732
Source: CCN Type: BID-17732 LibTiff TIFFFetchData Integer Overflow Vulnerability
Source: TRUSTIX Type: UNKNOWN 2006-0024
Source: CCN Type: USN-277-1 TIFF library vulnerabilities
Source: VUPEN Type: UNKNOWN ADV-2006-1563
Source: CCN Type: Red Hat Bugzilla Bug 189933 CVE-2006-2024 multiple libtiff issues (CVE-2006-2025, CVE-2006-2026)
Source: CONFIRM Type: Exploit, Patch https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189933
Source: XF Type: UNKNOWN libtiff-tifffetchdata-overflow(26134)
Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:10593
Source: UBUNTU Type: UNKNOWN USN-277-1
Source: SUSE Type: SUSE-SR:2006:009 SUSE Security Summary Report
Vulnerable Configuration: | Configuration 1: Configuration RedHat 1: Configuration RedHat 2: Configuration RedHat 3: Configuration RedHat 4: Configuration RedHat 5: Denotes that component is vulnerable