CVE-2006-2120
Publication date 1 May 2006
Last updated 24 July 2024
Ubuntu priority
The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers to cause a denial of service (crash) via a crafted TIFF image with Yr/Yg/Yb values that exceed the YCR/YCG/YCB values, which triggers an out-of-bounds read.
Status
Package | Ubuntu Release | Status |
---|---|---|
tiff | 7.04 feisty |
Not affected
|
6.10 edgy |
Not affected
|
|
6.06 LTS dapper |
Fixed 3.7.4-1ubuntu3.2
|