CVE-2006-0405

EPSS 1.8%

Published: 1/25/2006Modified: 4/28/2026

Description

The TIFFFetchShortPair function in tif_dirread.c in libtiff 3.8.0 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers a NULL pointer dereference, possibly due to changes in type declarations and/or the TIFFVSetField function.

Affected packages (1)

Debian/tifffrom 0, < 3.8.0-2

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-0405