Lucene search

K
cve[email protected]CVE-2006-3460
HistoryAug 03, 2006 - 1:04 a.m.

CVE-2006-3460

2006-08-0301:04:00
CWE-119
web.nvd.nist.gov
34
cve
2006
3460
heap-based
buffer overflow
jpeg
decoder
tiff library
libtiff
denial of service
execute
arbitrary code
nvd

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.02 Low

EPSS

Percentile

88.4%

Heap-based buffer overflow in the JPEG decoder in the TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an encoded JPEG stream that is longer than the scan line size (TiffScanLineSize).

CPENameOperatorVersion
libtiff:libtifflibtiffle3.8.1

References

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.02 Low

EPSS

Percentile

88.4%