Bug 193166 (CVE-2006-2656) - CVE-2006-2656 tiffsplit buffer overflow
Summary: CVE-2006-2656 tiffsplit buffer overflow
Status: CLOSED ERRATA
Alias: CVE-2006-2656
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
low
Target Milestone: ---
Assignee: Tom Lane
QA Contact:
URL:
Whiteboard: source=vuln-dev,reported=20060525,pub...
Keywords: Security
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2006-05-25 20:13 UTC by Josh Bressers
Modified: 2013-07-03 03:09 UTC (History)
1 user (show)

(edit)
Clone Of:
(edit)
Last Closed: 2008-08-12 07:18:42 UTC


Attachments (Terms of Use)
a patch (653 bytes, patch)
2006-05-26 02:44 UTC, Matthias Clasen
no flags Details | Diff

Description Josh Bressers 2006-05-25 20:13:30 UTC
tiffsplit buffer overflow

A buffer overflow issue has been found in libtiff's tiffsplit command.
More information is at the below URL:

http://marc.theaimsgroup.com/?l=vuln-dev&m=114857412916909&w=2


This issue also affects RHEL3
This issue also affects RHEL2.1

Comment 1 Matthias Clasen 2006-05-26 02:44:51 UTC
Created attachment 130010 [details]
a patch

Comment 2 Matthias Clasen 2006-05-26 03:07:40 UTC
I have built
3.5.7-30.el2.2
3.5.7-25.el3.2
3.6.1-11
with the fix

Comment 3 Red Hat Product Security 2008-08-12 07:18:42 UTC
This issue was addressed in:

Red Hat Enterprise Linux:
  http://rhn.redhat.com/errata/RHSA-2006-0603.html


Note You need to log in before you can comment on or make changes to this bug.