Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-2656 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Libtiff

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer8 documents8 sources

Severity

7.5HIGHNVD

EPSS

15.2%

top 5.38%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Debian Tiff Libtiff

Timeline

PublishedMay 30

Latest updateMay 1

Description

Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and earlier might might allow attackers to execute arbitrary code via a long filename. NOTE: tiffsplit is not setuid. If there is not a common scenario under which tiffsplit is called with attacker-controlled command line arguments, then perhaps this issue should not be included in CVE.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶NVDlibtiff/libtiff3.8.2+14

▶debiandebian/tiff< tiff 3.8.2-3 (bookworm)

Patches

Patch: www.redhat.com ↗Patch: www.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-66cg-m82w-2g9c: Stack-based buffer overflow in the tiffsplit command in libtiff 3↗2022-05-01

▶

OSV

CVE-2006-2656: Stack-based buffer overflow in the tiffsplit command in libtiff 3↗2006-05-30

▶

💥Exploits & PoCs

Exploit-DB

tiffsplit (libtiff 3.8.2) - Local Stack Buffer Overflow↗2006-05-26

▶

📋Vendor Advisories

Ubuntu

tiff vulnerabilities↗2006-06-08

▶

Red Hat

tiffsplit buffer overflow↗2006-05-25

▶

Debian

CVE-2006-2656: tiff - Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and earlie...↗2006

▶

💬Community

Bugzilla

CVE-2006-2656 tiffsplit buffer overflow↗2006-05-25

▶