17 matches found
iPhone MobileSafari LibTIFF Buffer Overflow
No description provided by source. $Id: safarilibtiff.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
Apple iOS MobileMail LibTIFF Buffer Overflow
No description provided by source. $Id: mobilemaillibtiff.rb 15950 2012-10-09 18:31:08Z rapid7 $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use...
Oracle Linux 3 : libtiff (ELSA-2006-0603)
From Red Hat Security Advisory 2006:0603 : Updated libtiff packages that fix several security flaws are now available for Red Hat Enterprise Linux. This update has been rated as having important security impact by the Red Hat Security Response Team. The libtiff package contains a library of...
Apple iOS Mobile Mail - LibTIFF Buffer Overflow (Metasploit)
$Id: mobilemaillibtiff.rb 15950 2012-10-09 18:31:08Z rapid7 $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require...
ZDI-11-302 : Adobe Reader U3D TIFF Resource Buffer Overflow Remote Code Execution Vulnerability
ZDI-11-302 : Adobe Reader U3D TIFF Resource Buffer Overflow Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-302 October 26, 2011 -- CVE ID: CVE-2011-2432 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products: Adobe Reader -...
Adobe Reader U3D TIFF Resource Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within because Adobe...
Adobe Reader和Acrobat TIFF图像处理缓冲区溢出漏洞
BUGTRAQ ID: 38195 CVE ID: CVE-2010-0188,CVE-2006-3459 Adobe Reader和Acrobat都是非常流行的PDF文件阅读器。 Adobe Reader和Acrobat采用的开源TIFF图像解析库libtiff实现上存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞通过诱使用户打开处理包含恶意TIFF图像的PDF文档在用户系统上执行任意指令,从而控制用户系统。 此安全问题其实是一个老漏洞(CVE-2006-3459)在Adobe产品中的重现。 Adobe Acrobat 9.3.1 Adobe Acrobat 8.2.1 Adobe...
SLES9: Security update for libtiff
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: libtiff For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5020045 within the SuS...
SLES9: Security update for libtiff
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: libtiff For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5020045 within the SuS...
Gentoo Security Advisory GLSA 200608-07 (tiff)
The remote host is missing updates announced in advisory GLSA 200608-07. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Debian Security Advisory DSA 1137-1 (tiff)
The remote host is missing an update to tiff announced via advisory DSA 1137-1. Tavis Ormandy of the Google Security Team discovered several problems in the TIFF library. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2006-3459 Several stack-buffer overflows...
safari_libtiff.rb.txt
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/projects/Framework/ require 'msf/core' module Msf class...
openSUSE 10 Security Update : libtiff (libtiff-1907)
This update of libtiff is the result of a source-code audit done by Tavis Ormandy. It fixes various bugs that can lead to denial-of-service conditions as well as to remote code execution while parsing a tiff image. CVE-2006-3459, CVE-2006-3460, CVE-2006-3461, CVE-2006-3462, CVE-2006-3463,...
Fedora Core 5 : libtiff-3.7.4-8 (2006-877)
The libtiff package contains a library of functions for manipulating TIFF Tagged Image File Format files. Tavis Ormandy of Google discovered a number of flaws in libtiff during a security audit. An attacker could create a carefully crafted TIFF file in such a way that it was possible to cause an...
libtiff security update
CentOS Errata and Security Advisory CESA-2006:0603-01 Updated libtiff packages that fix several security flaws are now available for Red Hat Enterprise Linux. This update has been rated as having important security impact by the Red Hat Security Response Team. The libtiff package contains a libra...
CVE-2006-3459
Multiple stack-based buffer overflows in the TIFF library libtiff before 3.8.2, as used in Adobe Reader 9.3.0 and other products, allow context-dependent attackers to execute arbitrary code or cause a denial of service via unspecified vectors, including a large tdircount value in the...
CVE-2006-3459
The CVE-2006-3459 issue is a buffer overflow in the libtiff library (libtiff) prior to 3.8.2, used by Adobe Reader 9.3.0 and other products. The underlying flaw arises in TIFF parsing code (TIFFFetchShortPair in tif_dirread.c) when handling large tdir_count values, enabling context-dependent atta...