High Published: Aug 03, 2006 Modified: Apr 03, 2025

CVE-2006-3459

7.5 CVSS SCORE

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Description

Multiple stack-based buffer overflows in the TIFF library (libtiff) before 3.8.2, as used in Adobe Reader 9.3.0 and other products, allow context-dependent attackers to execute arbitrary code or cause a denial of service via unspecified vectors, including a large tdir_count value in the TIFFFetchShortPair function in tif_dirread.c.

CVSS Vector Details

Attack Vector Network

Attack Complexity Low

Confidentiality P

Integrity P

Availability P

Affected Software Configurations

a libtiff libtiff * * * * * * * *
a libtiff libtiff 3.4 * * * * * * *
a libtiff libtiff 3.4 beta18 * * * * * *
a libtiff libtiff 3.4 beta24 * * * * * *
a libtiff libtiff 3.4 beta28 * * * * * *
a libtiff libtiff 3.4 beta29 * * * * * *
a libtiff libtiff 3.4 beta31 * * * * * *
a libtiff libtiff 3.4 beta32 * * * * * *
a libtiff libtiff 3.4 beta34 * * * * * *
a libtiff libtiff 3.4 beta35 * * * * * *

Weaknesses (CWE)

CWE-119

References & External Links

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

← Back to CVE Tracker