CVE-2006-2120

CVE-2006-2120 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:N/A:P

The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers to cause a denial of service (crash) via a crafted TIFF image with Yr/Yg/Yb values that exceed the YCR/YCG/YCB values, which triggers an out-of-bounds read.

Learn more about our Web Application Penetration Testing UK.