Lucene search

K
ubuntucveUbuntu.comUB:CVE-2006-2120
HistoryMay 01, 2006 - 12:00 a.m.

CVE-2006-2120

2006-05-0100:00:00
ubuntu.com
ubuntu.com
10

2.1 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.117 Low

EPSS

Percentile

95.3%

The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers to
cause a denial of service (crash) via a crafted TIFF image with Yr/Yg/Yb
values that exceed the YCR/YCG/YCB values, which triggers an out-of-bounds
read.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchtiff< 3.7.4-1ubuntu3.2UNKNOWN

2.1 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.117 Low

EPSS

Percentile

95.3%