CVE-2006-0405 - The TIFFFetchShortPair function in tif_dirread.c in libtiff 3.8.0 allows remote attackers to cause a

CVE-2006-0405

Summary

The TIFFFetchShortPair function in tif_dirread.c in libtiff 3.8.0 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers a NULL pointer dereference, possibly due to changes in type declarations and/or the TIFFVSetField function. Per: http://cwe.mitre.org/data/definitions/476.html 'CWE-476: NULL Pointer Dereference'

References

Vulnerable Configurations

cpe:2.3:a:libtiff:libtiff:3.8.0:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.8.0:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 20-07-2017 - 01:29)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:P

refmap via4

bid	18172
gentoo	GLSA-200605-17
misc	http://bugzilla.remotesensing.org/show_bug.cgi?id=1029 http://bugzilla.remotesensing.org/show_bug.cgi?id=1034
secunia	18587 20345
vupen	ADV-2006-0302
xf	libtiff-tiffvsetfield-dos(24275)

statements via4

contributor	Mark J Cox
lastmodified	2006-08-30
organization	Red Hat
statement	This issue did not affect the versions of libtiff as distributed with Red Hat Enterprise Linux 2.1, 3, or 4.

Last major update

20-07-2017 - 01:29

Published

25-01-2006 - 02:03

Last modified

20-07-2017 - 01:29