Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2006-2193

Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TIFF file with a DocumentName tag that contains UTF-8 characters, which triggers the overflow when a character is sign extended to an integer that produces more digits than expected in an sprintf call.

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://bugs.debian.org...
CONFIRM: http://bugzilla.remote...
DEBIAN: DSA-1091
SECUNIA: 20488
SECUNIA: 20501
SECUNIA: 20520
BID: 18331
SECUNIA: 20693
SUSE: SUSE-SR:2006:014
SECUNIA: 20766
GENTOO: GLSA-200607-03
SECUNIA: 21002
SECUNIA: 27181
SECUNIA: 27222
MANDRIVA: MDKSA-2006:102
SUNALERT: 103160
SECUNIA: 27832
SUNALERT: 201331
REDHAT: RHSA-2008:0848
SECUNIA: 31670
VUPEN: ADV-2006-2197
VUPEN: ADV-2007-3486
VUPEN: ADV-2007-4034
XF: libtiff-tiff2pdf-bo(26...
OVAL: oval:org.mitre.oval:de...
UBUNTU: USN-289-1

Launchpad.net

CVE 2006-2193

Related bugs

References