HTTP: Adobe Reader and Acrobat LibTIFF TIFFFetchData Function Integer Overflow
This signature detects attempts to exploit a known flaw in Adobe Reader and Acrobat LibTIFF. A successful attack can allow attackers to execute remote code in the context of the current logged in user.
Extended Description
Applications using the LibTIFF library are prone to an integer-overflow vulnerability. An attacker could exploit this vulnerability to execute arbitrary code in the context of the vulnerable application that uses the affected library. Failed exploit attempts will likely cause denial-of-service conditions.
Affected Products
Suse linux_professional
Short Name
HTTP:STC:ADOBE:LIBTIF-FETCHDATA
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Acrobat Adobe CVE-2006-2025 Function Integer LibTIFF Overflow Reader TIFFFetchData and bid:17732
Release Date
07/18/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Red_hat
Suse
Gentoo
Trustix
Sun
Libtiff
Avaya
Sgi
Ubuntu
Mandriva
Debian
CVSS Score
6.5