Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-1054-1
HistoryMay 09, 2006 - 12:00 a.m.

tiff - several vulnerabilities

2006-05-0900:00:00
Google
osv.dev
3

0.041 Low

EPSS

Percentile

92.2%

JSON

Tavis Ormandy discovered several vulnerabilities in the TIFF library
that can lead to a denial of service or the execution of arbitrary
code. The Common Vulnerabilities and Exposures project identifies the
following problems:

  • CVE-2006-2024
    Multiple vulnerabilities allow attackers to cause a denial of
    service.
  • CVE-2006-2025
    An integer overflow allows attackers to cause a denial of service
    and possibly execute arbitrary code.
  • CVE-2006-2026
    A double-free vulnerability allows attackers to cause a denial of
    service and possibly execute arbitrary code.

For the old stable distribution (woody) these problems have been fixed
in version 3.5.5-7woody1.

For the stable distribution (sarge) these problems have been fixed in
version 3.7.2-3sarge1.

The unstable distribution (sid) is not vulnerable to these problems.

We recommend that you upgrade your libtiff packages.

CPENameOperatorVersion
tiffeq3.7.2-3

Related

nessus 9
openvas 4
debian 2
redhat 2
centos 4
ubuntu 1
gentoo 1
nvd 3
ubuntucve 3
cvelist 3
debiancve 3
checkpoint_advisories 1
cve 3
veracode 3
prion 3
nessus
nessus
Debian DSA-1054-1 : tiff - several vulnerabilities
2006-10-14 00:00:00
CentOS 3 / 4 : libtiff (CESA-2006:0425)
2006-07-03 00:00:00
RHEL 2.1 / 3 / 4 : libtiff (RHSA-2006:0425)
2006-05-13 00:00:00
openvas
openvas
Debian Security Advisory DSA 1054-1 (tiff)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-1054-1)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200605-17 (libtiff)
2008-09-24 00:00:00
debian
debian
[SECURITY] [DSA 1054-1] New TIFF packages fix denial of service and arbitrary code execution
2006-05-09 11:25:22
[SECURITY] [DSA 1054-1] New TIFF packages fix denial of service and arbitrary code execution
2006-05-09 11:25:22
redhat
redhat
(RHSA-2006:0425) libtiff security update
2006-05-09 00:00:00
(RHSA-2006:0648) kdegraphics security update
2006-08-28 00:00:00
centos
centos
libtiff security update
2006-05-09 12:12:33
libtiff security update
2006-05-09 23:31:27
kdegraphics security update
2006-08-28 13:40:53
ubuntu
ubuntu
TIFF library vulnerabilities
2006-05-04 00:00:00
gentoo
gentoo
libTIFF: Multiple vulnerabilities
2006-05-30 00:00:00
nvd
nvd
CVE-2006-2025
2006-04-25 23:02:00
CVE-2006-2026
2006-04-25 23:02:00
CVE-2006-2024
2006-04-25 23:02:00
ubuntucve
ubuntucve
CVE-2006-2026
2006-04-25 00:00:00
CVE-2006-2025
2006-04-25 00:00:00
CVE-2006-2024
2006-04-25 00:00:00
cvelist
cvelist
CVE-2006-2026
2006-04-25 23:00:00
CVE-2006-2025
2006-04-25 23:00:00
CVE-2006-2024
2006-04-25 23:00:00
debiancve
debiancve
CVE-2006-2025
2006-04-25 23:02:00
CVE-2006-2026
2006-04-25 23:02:00
CVE-2006-2024
2006-04-25 23:02:00
checkpoint_advisories
checkpoint_advisories
LibTIFF TIFFFetchData Function Integer Overflow (CVE-2006-2025)
2010-03-03 00:00:00
cve
cve
CVE-2006-2025
2006-04-25 23:02:00
CVE-2006-2026
2006-04-25 23:02:00
CVE-2006-2024
2006-04-25 23:02:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:10:17
Arbitrary Code Execution
2020-04-10 00:10:17
Denial Of Service (DoS)
2020-04-10 00:10:16
prion
prion
Integer overflow
2006-04-25 23:02:00
Double free
2006-04-25 23:02:00
Design/Logic Flaw
2006-04-25 23:02:00

0.041 Low

EPSS

Percentile

92.2%

JSON
Related for OSV:DSA-1054-1
nessus9openvas4debian2redhat2centos4ubuntu1gentoo1nvd3ubuntucve3cvelist3debiancve3checkpoint_advisories1cve3veracode3prion3