CVE-2006-2193 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Tiff

9 documents7 sources

Severity

7.5HIGHNVD

EPSS

0.6%

top 29.43%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Tiff Libtiff

Timeline

PublishedJun 8

Latest updateMay 1

Description

Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TIFF file with a DocumentName tag that contains UTF-8 characters, which triggers the overflow when a character is sign extended to an integer that produces more digits than expected in an sprintf call.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶NVDlibtiff/libtiff3.8.2+14

▶debiandebian/tiff< tiff 3.8.2-4 (bookworm)

Patches

Patch: bugzilla.remotesensing.org ↗Patch: secunia.com ↗Patch: www.debian.org ↗

🔴Vulnerability Details

GHSA

GHSA-jgfg-vvq8-cfx3: Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3↗2022-05-01

▶

OSV

CVE-2006-2193: Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3↗2006-06-08

▶

📋Vendor Advisories

Ubuntu

tiff vulnerabilities↗2006-06-08

▶

Red Hat

tiff2pdf buffer overflow↗2006-06-07

▶

Debian

CVE-2006-2193: tiff - Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8....↗2006

▶

💬Community

Bugzilla

CVE-2006-2193 tiff2pdf buffer overflow↗2006-08-15

▶

Bugzilla

CVE-2006-2193 tiff2pdf buffer overflow↗2006-06-07

▶

Bugzilla

CVE-2006-2193 tiff2pdf buffer overflow↗2006-06-07

▶