Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:STC:ADOBE:LIBTIF-FETCHDATA |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Adobe Reader and Acrobat LibTIFF TIFFFetchData Function Integer Overflow |
Release Date |
2011/07/18 |
Update Number |
1956 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Adobe Reader and Acrobat LibTIFF TIFFFetchData Function Integer Overflow
This signature detects attempts to exploit a known flaw in Adobe Reader and Acrobat LibTIFF. A successful attack can allow attackers to execute remote code in the context of the current logged in user.
Extended Description
Applications using the LibTIFF library are prone to an integer-overflow vulnerability. An attacker could exploit this vulnerability to execute arbitrary code in the context of the vulnerable application that uses the affected library. Failed exploit attempts will likely cause denial-of-service conditions.
Affected Products
- Avaya intuity LX
- Avaya message_networking
- Avaya messaging_storage_server
- Debian linux 3.0.0
- Debian linux 3.0.0 Alpha
- Debian linux 3.0.0 Arm
- Debian linux 3.0.0 Hppa
- Debian linux 3.0.0 Ia-32
- Debian linux 3.0.0 Ia-64
- Debian linux 3.0.0 M68k
- Debian linux 3.0.0 Mips
- Debian linux 3.0.0 Mipsel
- Debian linux 3.0.0 Ppc
- Debian linux 3.0.0 S/390
- Debian linux 3.0.0 Sparc
- Debian linux 3.1.0
- Debian linux 3.1.0 Alpha
- Debian linux 3.1.0 Amd64
- Debian linux 3.1.0 Arm
- Debian linux 3.1.0 Hppa
- Debian linux 3.1.0 Ia-32
- Debian linux 3.1.0 Ia-64
- Debian linux 3.1.0 M68k
- Debian linux 3.1.0 Mips
- Debian linux 3.1.0 Mipsel
- Debian linux 3.1.0 Ppc
- Debian linux 3.1.0 S/390
- Debian linux 3.1.0 Sparc
- Gentoo linux
- Libtiff libtiff 3.4.0
- Libtiff libtiff 3.5.1
- Libtiff libtiff 3.5.2
- Libtiff libtiff 3.5.3
- Libtiff libtiff 3.5.4
- Libtiff libtiff 3.5.5
- Libtiff libtiff 3.5.7
- Libtiff libtiff 3.6.0 .0
- Libtiff libtiff 3.6.1
- Libtiff libtiff 3.7.0
- Libtiff libtiff 3.7.1
- Libtiff libtiff 3.7.2
- Libtiff libtiff 3.8.0
- Mandriva corporate_server 3.0.0
- Mandriva corporate_server 3.0.0 X86 64
- Mandriva linux_mandrake 10.2.0
- Mandriva linux_mandrake 10.2.0 X86 64
- Mandriva linux_mandrake 2006.0.0
- Mandriva linux_mandrake 2006.0.0 X86 64
- Mandriva multi_network_firewall 2.0.0
- Red_hat advanced_workstation_for_the_itanium_processor 2.1.0
- Red_hat advanced_workstation_for_the_itanium_processor 2.1.0 IA64
- Red_hat desktop 3.0.0
- Red_hat desktop 4.0.0
- Red_hat enterprise_linux_as 2.1
- Red_hat enterprise_linux_as 2.1 IA64
- Red_hat enterprise_linux_as 3
- Red_hat enterprise_linux_as 4
- Red_hat enterprise_linux_es 2.1
- Red_hat enterprise_linux_es 2.1 IA64
- Red_hat enterprise_linux_es 3
- Red_hat enterprise_linux_es 4
- Red_hat enterprise_linux_ws 2.1
- Red_hat enterprise_linux_ws 2.1 IA64
- Red_hat enterprise_linux_ws 3
- Red_hat enterprise_linux_ws 4
- Sgi propack 3.0.0 SP6
- Sun solaris 10 Sparc
- Sun solaris 10 X86
- Sun solaris 8 Sparc
- Sun solaris 8 X86
- Sun solaris 9 Sparc
- Sun solaris 9 X86
- Suse linux_personal 10.0.0 OSS
- Suse linux_personal 9.2.0
- Suse linux_personal 9.2.0 X86 64
- Suse linux_personal 9.3.0
- Suse linux_personal 9.3.0 X86 64
- Suse linux_professional 10.0.0
- Suse linux_professional 10.0.0 OSS
- Suse linux_professional 9.2.0
- Suse linux_professional 9.2.0 X86 64
- Suse linux_professional 9.3.0
- Suse linux_professional 9.3.0 X86 64
- Trustix secure_enterprise_linux 2.0.0
- Trustix secure_linux 2.2.0
- Trustix secure_linux 3.0.0
- Ubuntu ubuntu_linux 5.0.0 4 Amd64
- Ubuntu ubuntu_linux 5.0.0 4 I386
- Ubuntu ubuntu_linux 5.0.0 4 Powerpc
- Ubuntu ubuntu_linux 5.10.0 Amd64
- Ubuntu ubuntu_linux 5.10.0 I386
- Ubuntu ubuntu_linux 5.10.0 Powerpc
References
- BugTraq: 17732
- CVE: CVE-2006-2025