CVE-2006-2656

libtiff < 3.8.2 - Stack-based Buffer Overflow via Long Filename

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-2656. PoCs published by nitr0us.

AI-analyzed exploit summary This is a writeup describing a local stack buffer overflow vulnerability in tiffsplit (libtiff <= 3.8.2). It references a PoC but does not contain exploit code itself.

Description

Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and earlier might might allow attackers to execute arbitrary code via a long filename. NOTE: tiffsplit is not setuid. If there is not a common scenario under which tiffsplit is called with attacker-controlled command line arguments, then perhaps this issue should not be included in CVE.

Exploits (1)

exploitdb WRITEUP VERIFIED

by nitr0us · textlocallinux

https://www.exploit-db.com/exploits/1831

View Code ZIP pw:eip

This is a writeup describing a local stack buffer overflow vulnerability in tiffsplit (libtiff <= 3.8.2). It references a PoC but does not contain exploit code itself.

Classification

Writeup 90%

Attack Type

Dos

Complexity

Moderate

Reliability

Theoretical

Target: libtiff <= 3.8.2

No auth needed

Prerequisites: Local access to the target system · tiffsplit binary from vulnerable libtiff version

MITRE ATT&CK

T1210 - Exploitation of Remote Services

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (11)

Core 11

Core References

Patch vendor-advisory x_refsource_fedora

https://www.redhat.com/archives/fedora-package-announce/2006-May/msg00127.html

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/20520

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/20766

Third Party Advisory vendor-advisory x_refsource_gentoo

http://security.gentoo.org/glsa/glsa-200607-03.xml

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/20501

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2006/dsa-1091

Various Sources vendor-advisory x_refsource_suse

http://lists.suse.com/archive/suse-security-announce/2006-Jun/0008.html

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDKSA-2006:095

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/21002

Mailing List mailing-list x_refsource_vuln-dev

http://marc.info/?l=vuln-dev&m=114857412916909&w=2

Vendor Advisory vendor-advisory x_refsource_ubuntu

https://usn.ubuntu.com/289-1/

Scores

EPSS 0.1416

EPSS Percentile 96.1%

Details

CWE

CWE-119

Status published

Products (15)

libtiff/libtiff 3.4

libtiff/libtiff 3.5.1

libtiff/libtiff 3.5.2

libtiff/libtiff 3.5.3

libtiff/libtiff 3.5.4

libtiff/libtiff 3.5.5

libtiff/libtiff 3.5.6

libtiff/libtiff 3.5.7

libtiff/libtiff 3.6.0

libtiff/libtiff 3.6.1

... and 5 more

Published May 30, 2006

Tracked Since Feb 18, 2026