- Home
- CVEs with nessus.description==Tavis Ormandy of the Google Security Team discovered several problems in the TIFF library. The Common Vulnerabilities and Exposures project identifies the following issues :
- CVE-2006-3459 Several stack-buffer overflows have been discovered.
- CVE-2006-3460 A heap overflow vulnerability in the JPEG decoder may overrun a buffer with more data than expected.
- CVE-2006-3461 A heap overflow vulnerability in the PixarLog decoder may allow an attacker to execute arbitrary code.
- CVE-2006-3462 A heap overflow vulnerability has been discovered in the NeXT RLE decoder.
- CVE-2006-3463 An loop was discovered where a 16bit unsigned short was used to iterate over a 32bit unsigned value so that the loop would never terminate and continue forever.
- CVE-2006-3464 Multiple unchecked arithmetic operations were uncovered, including a number of the range checking operations designed to ensure the offsets specified in TIFF directories are legitimate.
- CVE-2006-3465 A flaw was also uncovered in libtiffs custom tag support which may result in abnormal behaviour, crashes, or potentially arbitrary code execution.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top