CVE-2006-4507 - OpenCVE

Unspecified vulnerability in the TIFF viewer (possibly libTIFF) in the Photo Viewer in the Sony PlaystationPortable (PSP) 2.00 through 2.80 allows local users to execute arbitrary code via crafted TIFF images. NOTE: due to lack of details, it is not clear whether this is related to other issues such as CVE-2006-3464 or CVE-2006-3465.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Sony	Playstation Portable

Configuration 1 [-]

OR	cpe:2.3:h:sony:playstation_portable:2.00:::::::*
	cpe:2.3:h:sony:playstation_portable:2.10:::::::*
	cpe:2.3:h:sony:playstation_portable:2.20:::::::*
	cpe:2.3:h:sony:playstation_portable:2.30:::::::*
	cpe:2.3:h:sony:playstation_portable:2.40:::::::*
	cpe:2.3:h:sony:playstation_portable:2.50:::::::*
	cpe:2.3:h:sony:playstation_portable:2.60:::::::*
	cpe:2.3:h:sony:playstation_portable:2.70:::::::*
	cpe:2.3:h:sony:playstation_portable:2.80:::::::*

No data.

References

Link	Providers
http://noobz.eu/content/home.html#280806
http://secunia.com/advisories/21672
http://www.vupen.com/english/advisories/2006/3419
https://exchange.xforce.ibmcloud.com/vulnerabilities/28689

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-08-31T23:00:00

Updated: 2024-08-07T19:14:47.215Z

Reserved: 2006-08-31T00:00:00

Link: CVE-2006-4507

Vulnrichment

No data.

NVD

Status : Modified

Published: 2006-08-31T23:04:00.000

Modified: 2017-07-20T01:33:08.600

Link: CVE-2006-4507

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-08-28T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the TIFF viewer (possibly libTIFF) in the Photo Viewer in the Sony PlaystationPortable (PSP) 2.00 through 2.80 allows local users to execute arbitrary code via crafted TIFF images. NOTE: due to lack of details, it is not clear whether this is related to other issues such as CVE-2006-3464 or CVE-2006-3465."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-19T15:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "sonypsp-tiff-code-execution(28689)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28689"}, {"name": "ADV-2006-3419", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/3419"}, {"name": "21672", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/21672"}, {"tags": ["x_refsource_MISC"], "url": "http://noobz.eu/content/home.html#280806"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-4507", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the TIFF viewer (possibly libTIFF) in the Photo Viewer in the Sony PlaystationPortable (PSP) 2.00 through 2.80 allows local users to execute arbitrary code via crafted TIFF images. NOTE: due to lack of details, it is not clear whether this is related to other issues such as CVE-2006-3464 or CVE-2006-3465."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "sonypsp-tiff-code-execution(28689)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28689"}, {"name": "ADV-2006-3419", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3419"}, {"name": "21672", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21672"}, {"name": "http://noobz.eu/content/home.html#280806", "refsource": "MISC", "url": "http://noobz.eu/content/home.html#280806"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T19:14:47.215Z"}, "title": "CVE Program Container", "references": [{"name": "sonypsp-tiff-code-execution(28689)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28689"}, {"name": "ADV-2006-3419", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/3419"}, {"name": "21672", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/21672"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://noobz.eu/content/home.html#280806"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-4507", "datePublished": "2006-08-31T23:00:00", "dateReserved": "2006-08-31T00:00:00", "dateUpdated": "2024-08-07T19:14:47.215Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:sony:playstation_portable:2.00:*:*:*:*:*:*:*", "matchCriteriaId": "F9B7B3CA-BC2C-4EE5-85D4-DEF315AE4C1F", "vulnerable": true}, {"criteria": "cpe:2.3:h:sony:playstation_portable:2.10:*:*:*:*:*:*:*", "matchCriteriaId": "3B71982B-0217-4E9C-A6BF-2414EC874FFB", "vulnerable": true}, {"criteria": "cpe:2.3:h:sony:playstation_portable:2.20:*:*:*:*:*:*:*", "matchCriteriaId": "16F0F385-EFD5-4CA7-B81A-9D9E35D47B8B", "vulnerable": true}, {"criteria": "cpe:2.3:h:sony:playstation_portable:2.30:*:*:*:*:*:*:*", "matchCriteriaId": "ABD8A169-63E6-48F4-AADD-87AC8EA4504D", "vulnerable": true}, {"criteria": "cpe:2.3:h:sony:playstation_portable:2.40:*:*:*:*:*:*:*", "matchCriteriaId": "0FC11E59-9FF4-49F9-AE27-37664C2D5EF0", "vulnerable": true}, {"criteria": "cpe:2.3:h:sony:playstation_portable:2.50:*:*:*:*:*:*:*", "matchCriteriaId": "C8C06FD4-8C74-4CBD-8A68-924097A0803C", "vulnerable": true}, {"criteria": "cpe:2.3:h:sony:playstation_portable:2.60:*:*:*:*:*:*:*", "matchCriteriaId": "464F161B-2525-4F2F-8987-F52C1490E16F", "vulnerable": true}, {"criteria": "cpe:2.3:h:sony:playstation_portable:2.70:*:*:*:*:*:*:*", "matchCriteriaId": "87397BDF-FDB9-4627-A246-B364EEAF867B", "vulnerable": true}, {"criteria": "cpe:2.3:h:sony:playstation_portable:2.80:*:*:*:*:*:*:*", "matchCriteriaId": "91E4947F-B049-4F81-A0EF-CFC2AB907712", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the TIFF viewer (possibly libTIFF) in the Photo Viewer in the Sony PlaystationPortable (PSP) 2.00 through 2.80 allows local users to execute arbitrary code via crafted TIFF images. NOTE: due to lack of details, it is not clear whether this is related to other issues such as CVE-2006-3464 or CVE-2006-3465."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el visor RIFF (posiblemente libTIFF) en el Visor de Fotograf\u00edas en la Sony Playstation Portable (PSP) 2.00 a 2.80 permite a usuarios locales ejecutar c\u00f3digo de su elecci\u00f3n mediante im\u00e1genes TIFF creadas artesanalmente. NOTA: debido a la falta de detalles, no est\u00e1 claro si est\u00e1 relacionada con otras vulnerabilidades como CVE-2006-3464 o CVE-2006-3465."}], "id": "CVE-2006-4507", "lastModified": "2017-07-20T01:33:08.600", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-08-31T23:04:00.000", "references": [{"source": "cve@mitre.org", "url": "http://noobz.eu/content/home.html#280806"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21672"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/3419"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28689"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}