CVE-2006-3459
libtiff <3.8.2 - Buffer Overflow
Title source: llmDescription
Multiple stack-based buffer overflows in the TIFF library (libtiff) before 3.8.2, as used in Adobe Reader 9.3.0 and other products, allow context-dependent attackers to execute arbitrary code or cause a denial of service via unspecified vectors, including a large tdir_count value in the TIFFFetchShortPair function in tif_dirread.c.
Exploits (8)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotehardware
https://www.exploit-db.com/exploits/16869
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotehardware
https://www.exploit-db.com/exploits/16868
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotehardware
https://www.exploit-db.com/exploits/16862
metasploit
WORKING POC
GOOD
by hdm, kf · rubypocosx
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/apple_ios/browser/safari_libtiff.rb
metasploit
WORKING POC
GOOD
by hdm, kf · rubypocosx
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/apple_ios/email/mobilemail_libtiff.rb
References (47)
... and 27 more
Scores
EPSS
0.6653
EPSS Percentile
98.5%
Details
CWE
CWE-119
Status
published
Products (17)
libtiff/libtiff
3.4 (11 CPE variants)
libtiff/libtiff
3.5.1
libtiff/libtiff
3.5.2
libtiff/libtiff
3.5.3
libtiff/libtiff
3.5.4
libtiff/libtiff
3.5.5
libtiff/libtiff
3.5.6 (2 CPE variants)
libtiff/libtiff
3.5.7 (6 CPE variants)
libtiff/libtiff
3.6.0 (3 CPE variants)
libtiff/libtiff
3.6.1
... and 7 more
Published
Aug 03, 2006
Tracked Since
Feb 18, 2026