CVE-2006-2120

Published: 01 May 2006

The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers to cause a denial of service (crash) via a crafted TIFF image with Yr/Yg/Yb values that exceed the YCR/YCG/YCB values, which triggers an out-of-bounds read.

Priority

Unknown

Status

Package Release Status
tiff
Launchpad, Ubuntu, Debian
Upstream Needs triage