Signature Detail

HTTP: iPhone Mobile Safari LibTIFF Remote Code Execution

This signature detects attempts to exploit a known vulnerability against iPhone Mobile Safari. A successful attack can lead to arbitrary code execution.

Extended Description

LibTIFF is prone to a buffer-overflow vulnerability because the library fails to do proper boundary checks before copying user-supplied data into a finite-sized buffer. This issue allows remote attackers to execute arbitrary machine code in the context of appications using the affected library. Failed exploit attempts will likely crash the application, denying service to legitimate users.

Affected Products

• Apple iPhone 1
• Apple iPhone 1.0.1
• Apple iPhone 1.0.2
• Apple iPhone 1.1.1
• Apple iPod Touch 1.1
• Apple iPod Touch 1.1.1
• Apple Mac OS X 10.0.0
• Apple Mac OS X 10.0.0 3
• Apple Mac OS X 10.0.1
• Apple Mac OS X 10.0.2
• Apple Mac OS X 10.0.3
• Apple Mac OS X 10.0.4
• Apple Mac OS X 10.1.0
• Apple Mac OS X 10.1.1
• Apple Mac OS X 10.1.2
• Apple Mac OS X 10.1.3
• Apple Mac OS X 10.1.4
• Apple Mac OS X 10.1.5
• Apple Mac OS X 10.2.0
• Apple Mac OS X 10.2.1
• Apple Mac OS X 10.2.2
• Apple Mac OS X 10.2.3
• Apple Mac OS X 10.2.4
• Apple Mac OS X 10.2.5
• Apple Mac OS X 10.2.6
• Apple Mac OS X 10.2.7
• Apple Mac OS X 10.2.8
• Apple Mac OS X 10.3.0
• Apple Mac OS X 10.3.1
• Apple Mac OS X 10.3.2
• Apple Mac OS X 10.3.3
• Apple Mac OS X 10.3.4
• Apple Mac OS X 10.3.5
• Apple Mac OS X 10.3.6
• Apple Mac OS X 10.3.7
• Apple Mac OS X 10.3.8
• Apple Mac OS X 10.3.9
• Apple Mac OS X 10.4.0
• Apple Mac OS X 10.4.1
• Apple Mac OS X 10.4.2
• Apple Mac OS X 10.4.3
• Apple Mac OS X 10.4.4
• Apple Mac OS X 10.4.5
• Apple Mac OS X 10.4.6
• Apple Mac OS X 10.4.7
• Apple Mac OS X Server 10.0.0
• Apple Mac OS X Server 10.1.0
• Apple Mac OS X Server 10.1.1
• Apple Mac OS X Server 10.1.2
• Apple Mac OS X Server 10.1.3
• Apple Mac OS X Server 10.1.4
• Apple Mac OS X Server 10.1.5
• Apple Mac OS X Server 10.2.0
• Apple Mac OS X Server 10.2.1
• Apple Mac OS X Server 10.2.2
• Apple Mac OS X Server 10.2.3
• Apple Mac OS X Server 10.2.4
• Apple Mac OS X Server 10.2.5
• Apple Mac OS X Server 10.2.6
• Apple Mac OS X Server 10.2.7
• Apple Mac OS X Server 10.2.8
• Apple Mac OS X Server 10.3.0
• Apple Mac OS X Server 10.3.1
• Apple Mac OS X Server 10.3.2
• Apple Mac OS X Server 10.3.3
• Apple Mac OS X Server 10.3.4
• Apple Mac OS X Server 10.3.5
• Apple Mac OS X Server 10.3.6
• Apple Mac OS X Server 10.3.7
• Apple Mac OS X Server 10.3.8
• Apple Mac OS X Server 10.3.9
• Apple Mac OS X Server 10.4.0
• Apple Mac OS X Server 10.4.1
• Apple Mac OS X Server 10.4.2
• Apple Mac OS X Server 10.4.3
• Apple Mac OS X Server 10.4.4
• Apple Mac OS X Server 10.4.5
• Apple Mac OS X Server 10.4.6
• Apple Mac OS X Server 10.4.7
• Avaya Intuity LX
• Avaya Message Networking
• Avaya Messaging Storage Server
• Debian Linux 3.1.0
• Debian Linux 3.1.0 Alpha
• Debian Linux 3.1.0 Amd64
• Debian Linux 3.1.0 Arm
• Debian Linux 3.1.0 Hppa
• Debian Linux 3.1.0 Ia-32
• Debian Linux 3.1.0 Ia-64
• Debian Linux 3.1.0 M68k
• Debian Linux 3.1.0 Mips
• Debian Linux 3.1.0 Mipsel
• Debian Linux 3.1.0 Ppc
• Debian Linux 3.1.0 S/390
• Debian Linux 3.1.0 Sparc
• Gentoo Linux
• LibTIFF 3.4.0
• LibTIFF 3.5.1
• LibTIFF 3.5.2
• LibTIFF 3.5.3
• LibTIFF 3.5.4
• LibTIFF 3.5.5
• LibTIFF 3.5.7
• LibTIFF 3.6.0 .0
• LibTIFF 3.6.1
• LibTIFF 3.7.0
• LibTIFF 3.7.1
• LibTIFF 3.7.2
• LibTIFF 3.7.3
• LibTIFF 3.8.0
• LibTIFF 3.8.1
• LibTIFF 3.8.2
• Mandriva Corporate Server 3.0.0
• Mandriva Corporate Server 3.0.0 X86 64
• Mandriva Linux Mandrake 2006.0.0
• Mandriva Linux Mandrake 2006.0.0 X86 64
• Mandriva Multi Network Firewall 2.0.0
• Red Hat Advanced Workstation for the Itanium Processor 2.1.0
• Red Hat Advanced Workstation for the Itanium Processor 2.1.0 IA64
• Red Hat Desktop 3.0.0
• Red Hat Desktop 4.0.0
• Red Hat Enterprise Linux AS 2.1
• Red Hat Enterprise Linux AS 2.1 IA64
• Red Hat Enterprise Linux AS 3
• Red Hat Enterprise Linux AS 4
• Red Hat Enterprise Linux ES 2.1
• Red Hat Enterprise Linux ES 2.1 IA64
• Red Hat Enterprise Linux ES 3
• Red Hat Enterprise Linux ES 4
• Red Hat Enterprise Linux WS 2.1
• Red Hat Enterprise Linux WS 2.1 IA64
• Red Hat Enterprise Linux WS 3
• Red Hat Enterprise Linux WS 4
• rPath rPath Linux 1
• SGI ProPack 3.0.0 SP6
• Slackware Linux 10.0.0
• Slackware Linux 10.1.0
• Slackware Linux 10.2.0
• Slackware Linux 9.0.0
• Slackware Linux 9.1.0
• Sun Solaris 10 Sparc
• Sun Solaris 10 X86
• Sun Solaris 8 Sparc
• Sun Solaris 8 X86
• Sun Solaris 9 Sparc
• Sun Solaris 9 X86
• Sun Trusted Solaris 8.0.0
• Sun Trusted Solaris 8.0.0 x86
• SuSE Linux Desktop 1.0.0
• SuSE Linux Enterprise Server for S/390 9.0.0
• SuSE Linux Enterprise Server for S/390
• SuSE Linux Personal 10.0.0 OSS
• SuSE Linux Personal 10.1
• SuSE Linux Personal 9.2.0
• SuSE Linux Personal 9.2.0 X86 64
• SuSE Linux Personal 9.3.0
• SuSE Linux Personal 9.3.0 X86 64
• SuSE Linux Professional 10.0.0
• SuSE Linux Professional 10.0.0 OSS
• SuSE Linux Professional 10.1
• SuSE Linux Professional 9.2.0
• SuSE Linux Professional 9.2.0 X86 64
• SuSE Linux Professional 9.3.0
• SuSE Linux Professional 9.3.0 X86 64
• SuSE SUSE Linux Enterprise SDK 10
• SuSE SUSE Linux Enterprise Server 10
• SuSE SUSE Linux Enterprise Server 9
• SuSE UnitedLinux 1.0.0
• Trustix Secure Enterprise Linux 2.0.0
• Trustix Secure Linux 2.2.0
• Trustix Secure Linux 3.0.0
• Ubuntu Ubuntu Linux 5.0.0 4 Amd64
• Ubuntu Ubuntu Linux 5.0.0 4 I386
• Ubuntu Ubuntu Linux 5.0.0 4 Powerpc
• Ubuntu Ubuntu Linux 5.10.0 Amd64
• Ubuntu Ubuntu Linux 5.10.0 I386
• Ubuntu Ubuntu Linux 5.10.0 Powerpc
• Ubuntu Ubuntu Linux 5.10.0 Sparc
• Ubuntu Ubuntu Linux 6.06 LTS Amd64
• Ubuntu Ubuntu Linux 6.06 LTS I386
• Ubuntu Ubuntu Linux 6.06 LTS Powerpc
• Ubuntu Ubuntu Linux 6.06 LTS Sparc

References

• BugTraq: 19283
• CVE: CVE-2006-3459