CVE-2006-3460
- EPSS 4.34%
- Veröffentlicht 03.08.2006 01:04:00
- Zuletzt bearbeitet 16.06.2026 22:27:06
Heap-based buffer overflow in the JPEG decoder in the TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an encoded JPEG stream that is longer than the scan line...
CVE-2006-3461
- EPSS 5.22%
- Veröffentlicht 03.08.2006 01:04:00
- Zuletzt bearbeitet 16.06.2026 22:27:06
Heap-based buffer overflow in the PixarLog decoder in the TIFF library (libtiff) before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors.
CVE-2006-3462
- EPSS 5.22%
- Veröffentlicht 03.08.2006 01:04:00
- Zuletzt bearbeitet 16.06.2026 22:27:06
Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library (libtiff) before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors involving decoding large RLE images.
CVE-2006-3463
- EPSS 2.73%
- Veröffentlicht 03.08.2006 01:04:00
- Zuletzt bearbeitet 16.06.2026 22:27:07
The EstimateStripByteCounts function in TIFF library (libtiff) before 3.8.2 uses a 16-bit unsigned short when iterating over an unsigned 32-bit value, which allows context-dependent attackers to cause a denial of service via a large td_nstrips value,...
CVE-2006-3464
- EPSS 3.47%
- Veröffentlicht 03.08.2006 01:04:00
- Zuletzt bearbeitet 16.06.2026 22:27:07
TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to pass numeric range checks and possibly execute code, and trigger assert errors, via large offset values in a TIFF directory that lead to an integer overflow and other unspecifi...
CVE-2006-3465
- EPSS 5.67%
- Veröffentlicht 03.08.2006 01:04:00
- Zuletzt bearbeitet 16.06.2026 22:27:07
Unspecified vulnerability in the custom tag support for the TIFF library (libtiff) before 3.8.2 allows remote attackers to cause a denial of service (instability or crash) and execute arbitrary code via unknown vectors.
CVE-2006-2193
- EPSS 5.46%
- Veröffentlicht 08.06.2006 19:06:00
- Zuletzt bearbeitet 16.06.2026 22:24:30
Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TIFF file with a DocumentName tag that contains UTF-8 charac...
CVE-2006-2656
- EPSS 14.42%
- Veröffentlicht 30.05.2006 18:02:00
- Zuletzt bearbeitet 16.06.2026 22:25:28
Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and earlier might might allow attackers to execute arbitrary code via a long filename. NOTE: tiffsplit is not setuid. If there is not a common scenario under which tiffsplit is c...
CVE-2006-2120
- EPSS 0.8%
- Veröffentlicht 01.05.2006 22:06:00
- Zuletzt bearbeitet 16.06.2026 22:24:23
The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers to cause a denial of service (crash) via a crafted TIFF image with Yr/Yg/Yb values that exceed the YCR/YCG/YCB values, which triggers an out-of-bounds read.
- EPSS 8.65%
- Veröffentlicht 25.04.2006 23:02:00
- Zuletzt bearbeitet 16.06.2026 22:24:09
Multiple vulnerabilities in libtiff before 3.8.1 allow context-dependent attackers to cause a denial of service via a TIFF image that triggers errors in (1) the TIFFFetchAnyArray function in (a) tif_dirread.c; (2) certain "codec cleanup methods" in (...