CVE-2006-2656
Published: 05/30/2006 18:02:00
Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and earlier might might allow attackers to execute arbitrary code via a long filename. NOTE: tiffsplit is not setuid. If there is not a common scenario under which tiffsplit is called with attacker-controlled command line arguments, then perhaps this issue should not be included in CVE.
HIGH
CVSS v2: 7.5
CVSS v2: 7.5
Status
| DocFilters Release | Package | State | Justification | Comment |
|---|---|---|---|---|
| 25.1 | libtiff (4.6.0) | Not Affected | Code Not Present | 4.6.0 does not match CVE configuration. |
| 24.4 | libtiff (4.6.0) | Not Affected | Code Not Present | 4.6.0 does not match CVE configuration. |
| 24.4.0 | libtiff (4.6.0) | Not Affected | Code Not Present | 4.6.0 does not match CVE configuration. |
| 24.3 | libtiff (4.6.0) | Not Affected | Code Not Present | 4.6.0 does not match CVE configuration. |
| 24.2.1 | libtiff (4.6.0) | Not Affected | Code Not Present | 4.6.0 does not match CVE configuration. |
| 24.2 | libtiff (4.6.0) | Not Affected | Code Not Present | 4.6.0 does not match CVE configuration. |
| 24.1 | libtiff (4.6.0) | Not Affected | Code Not Present | 4.6.0 does not match CVE configuration. |
| 23.3 | libtiff (4.5.1) | Not Affected | Code Not Present | 4.5.1 does not match CVE configuration. |
| 23.2.1 | libtiff (4.3.0) | Not Affected | Code Not Present | 4.3.0 does not match CVE configuration. |
| 23.2 | libtiff (4.3.0) | Not Affected | Code Not Present | 4.3.0 does not match CVE configuration. |
| 23.1 | libtiff (4.3.0) | Not Affected | Code Not Present | 4.3.0 does not match CVE configuration. |
| 22.4 | libtiff (4.3.0) | Not Affected | Code Not Present | 4.3.0 does not match CVE configuration. |
| 22.3 | libtiff (4.3.0) | Not Affected | Code Not Present | 4.3.0 does not match CVE configuration. |
| 22.2 | libtiff (4.3.0) | Not Affected | Code Not Present | 4.3.0 does not match CVE configuration. |
| 22.1 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 21.11.1 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 21.11 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 21.8.1 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 21.8 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 21.5.1 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 21.5.0 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 21.2.0 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 11.4.20 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 11.4.19.3667 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 11.4.18.3599 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 11.4.17 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 11.4.16.3445 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 11.4.15.3368 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 11.4.14.3263 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 11.4.13.3179 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 11.4.12.3054 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 11.4.11.3040 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 11.4.11.2990 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 11.4.10.2934 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 11.4.9.2878 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |
| 11.4.8.2822 | libtiff (4.0.8) | Not Affected | Code Not Present | 4.0.8 does not match CVE configuration. |