CVE-2006-2193

Impact:
Low
Public Date:
2006-06-07
Bugzilla:
194362: CVE-2006-2193 tiff2pdf buffer overflow

The MITRE CVE dictionary describes this issue as:

Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TIFF file with a DocumentName tag that contains UTF-8 characters, which triggers the overflow when a character is sign extended to an integer that produces more digits than expected in an sprintf call.

Find out more about CVE-2006-2193 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

This issue does not affect Red Hat Enterprise Linux 2.1 and 3

This issue was addressed in Red Hat Enterprise Linux 4 via: https://rhn.redhat.com/errata/RHSA-2008-0848.html

Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 4 (libtiff) RHSA-2008:0848 2008-08-28

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact Red Hat Product Security.

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.