7.1 High
AI Score
Confidence
Low
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.362 Low
EPSS
Percentile
97.1%
Tavis Ormandy discovered that the TIFF library did not sufficiently
check handled images for validity. By tricking an user or an automated
system into processing a specially crafted TIFF image, an attacker
could exploit these weaknesses to execute arbitrary code with the
target application’s privileges.
This library is used in many client and server applications, thus you
should reboot your computer after the upgrade to ensure that all
running programs use the new version of the library.
ubuntu.com/security/CVE-2006-3459
ubuntu.com/security/CVE-2006-3460
ubuntu.com/security/CVE-2006-3461
ubuntu.com/security/CVE-2006-3462
ubuntu.com/security/CVE-2006-3463
ubuntu.com/security/CVE-2006-3464
ubuntu.com/security/CVE-2006-3465
ubuntu.com/security/notices/CVE-2006-3459
ubuntu.com/security/notices/CVE-2006-3460
ubuntu.com/security/notices/CVE-2006-3461
ubuntu.com/security/notices/CVE-2006-3462
ubuntu.com/security/notices/CVE-2006-3463
ubuntu.com/security/notices/CVE-2006-3464
ubuntu.com/security/notices/CVE-2006-3465