CVE-2006-2656

{"id": "CVE-2006-2656", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2006-05-30T18:02:00.000", "references": [{"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0008.html", "source": "secalert@redhat.com"}, {"url": "http://marc.info/?l=vuln-dev&m=114857412916909&w=2", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/20501", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/20520", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/20766", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21002", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://security.gentoo.org/glsa/glsa-200607-03.xml", "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2006/dsa-1091", "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:095", "source": "secalert@redhat.com"}, {"url": "https://usn.ubuntu.com/289-1/", "source": "secalert@redhat.com"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2006-May/msg00127.html", "tags": ["Patch"], "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and earlier might might allow attackers to execute arbitrary code via a long filename. NOTE: tiffsplit is not setuid. If there is not a common scenario under which tiffsplit is called with attacker-controlled command line arguments, then perhaps this issue should not be included in CVE."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en pila en el comando tiffsplit en libtiff 3.8.2 y versiones anteriores podr\u00eda permitir a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de un nombre de archivo largo. NOTA: tiffsplit no es setuid. Si no hay un escenario com\u00fan bajo el cual tiffsplit es llamado con argumentos de l\u00ednea de comando controlados por el atacante, entonces quiz\u00e1 este problema no deber\u00eda ser incluido en una CVE."}], "lastModified": "2023-11-07T01:58:51.630", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36B8B853-0FF0-4E2F-983D-683A0951CEF3", "versionEndIncluding": "3.8.2"}, {"criteria": "cpe:2.3:a:libtiff:libtiff:3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CCA5EEB8-9D2C-49A9-BB08-CE5017B79D81"}, {"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "261FAE51-5207-4136-9FFE-2330A281266C"}, {"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B32C83B9-F7DA-450A-A687-9A73734CD712"}, {"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9485283A-B73E-4567-914A-42A86F5FFCB4"}, {"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "95892168-0FB6-4E3F-9303-2F9B3CF60D2B"}, {"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5021564-5E0A-4DDC-BC68-200B6050043E"}, {"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "11C50750-FE1D-42BA-9125-7D8E872AA2DB"}, {"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19AA66E5-FDDD-4243-B945-DFEBDD25F258"}, {"criteria": "cpe:2.3:a:libtiff:libtiff:3.6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62F359CD-5DC4-4919-B8E1-95BDDBD27EFC"}, {"criteria": "cpe:2.3:a:libtiff:libtiff:3.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2C8C550-3313-4266-B4B3-E9E9047CFE04"}, {"criteria": "cpe:2.3:a:libtiff:libtiff:3.7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ABEEBA7B-81D5-4148-912B-9AD448BBE741"}, {"criteria": "cpe:2.3:a:libtiff:libtiff:3.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "448555FE-8E91-4EA7-BA05-6915F5508319"}, {"criteria": "cpe:2.3:a:libtiff:libtiff:3.8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44BC5E2C-B6A6-4999-A1EA-B91DA5C350C7"}, {"criteria": "cpe:2.3:a:libtiff:libtiff:3.8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F2850FD9-8BE8-410E-8A24-28549DAACEB3"}], "operator": "OR"}]}], "vendorComments": [{"comment": "This issue was addressed in libtiff packages as shipped in Red Hat Enterprise Linux 2.1, 3, and 4 via: https://rhn.redhat.com/errata/RHSA-2006-0603.html\n\nRed Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2008-08-12T00:00:00", "organization": "Red Hat"}], "sourceIdentifier": "secalert@redhat.com"}