CVE-2006-3459 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-3459
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-3459

Description: Multiple stack-based buffer overflows in the TIFF library (libtiff) before 3.8.2 allow context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors, including a large tdir_count value in the TIFFFetchShortPair function in tif_dirread.c

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-330-1 TRUSTIX http://lwn.net/Alerts/194228/ SUSE http://www.novell.com/linux/security/advisories/2006_44_libtiff.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-103160-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103099-1 ST 1016671 1016628 SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.536600 SGI SAID Secunia Advisory: SA21304 Secunia Advisory: SA22036 Secunia Advisory: SA21598 Secunia Advisory: SA21632 Secunia Advisory: SA21537 Secunia Advisory: SA21501 Secunia Advisory: SA21392 Secunia Advisory: SA21334 Secunia Advisory: SA21290 Secunia Advisory: SA21370 Secunia Advisory: SA21274 Secunia Advisory: SA21253 Secunia Advisory: SA21319 Secunia Advisory: SA21338 Secunia Advisory: SA21346 Secunia Advisory: SA27181 Secunia Advisory: SA27222 Secunia Advisory: SA27832 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0648.html http://www.redhat.com/support/errata/RHSA-2006-0603.html OSVDB 27723 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2006:137 http://www.mandriva.com/security/advisories?name=MDKSA-2006:136 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200608-07.xml DEBIAN http://www.debian.org/security/2006/dsa-1137 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-166.htm CERT http://www.us-cert.gov/cas/techalerts/TA06-214A.html BID 19283 19289 APPLE http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html

Return to the previous page.