CVE-2006-2024 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-2024
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-2024

Description: Multiple vulnerabilities in libtiff before 3.8.1 allow context-dependent attackers to cause a denial of service via a TIFF image that triggers errors in (1) the TIFFFetchAnyArray function in (a) tif_dirread.c; (2) certain "codec cleanup methods" in (b) tif_lzw.c, (c) tif_pixarlog.c, and (d) tif_zip.c; (3) and improper restoration of setfield and getfield methods in cleanup functions within (e) tif_jpeg.c, tif_pixarlog.c, (f) tif_fax3.c, and tif_zip.c.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/26133 UBUNTU http://www.ubuntulinux.org/support/documentation/usn/usn-277-1 TRUSTIX http://www.trustix.org/errata/2006/0024 SUSE http://www.novell.com/linux/security/advisories/2006_04_28.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-66-201332-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103099-1 SGI SAID Secunia Advisory: SA19838 Secunia Advisory: SA19851 Secunia Advisory: SA19897 Secunia Advisory: SA19936 Secunia Advisory: SA19949 Secunia Advisory: SA19964 Secunia Advisory: SA20021 Secunia Advisory: SA20023 Secunia Advisory: SA20345 Secunia Advisory: SA20210 Secunia Advisory: SA20667 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0425.html MISC http://bugzilla.remotesensing.org/show_bug.cgi?id=1102 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2006:082 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200605-17.xml DEBIAN http://www.debian.org/security/2006/dsa-1054 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-119.htm BID 17730

Return to the previous page.