CVE-2006-3462 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-3462
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-3462

Description: Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library (libtiff) before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors involving decoding large RLE images.

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-330-1 TRUSTIX http://lwn.net/Alerts/194228/ SUSE http://www.novell.com/linux/security/advisories/2006_44_libtiff.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-103160-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103099-1 ST 1016628 1016671 SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.536600 SGI SAID Secunia Advisory: SA21338 Secunia Advisory: SA21304 Secunia Advisory: SA22036 Secunia Advisory: SA21598 Secunia Advisory: SA21632 Secunia Advisory: SA21537 Secunia Advisory: SA21501 Secunia Advisory: SA21392 Secunia Advisory: SA21274 Secunia Advisory: SA21290 Secunia Advisory: SA21334 Secunia Advisory: SA21370 Secunia Advisory: SA21253 Secunia Advisory: SA21319 Secunia Advisory: SA21346 Secunia Advisory: SA27181 Secunia Advisory: SA27222 Secunia Advisory: SA27832 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0648.html http://www.redhat.com/support/errata/RHSA-2006-0603.html OSVDB 27726 MISC http://docs.info.apple.com/article.html?artnum=304063 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2006:137 http://www.mandriva.com/security/advisories?name=MDKSA-2006:136 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200608-07.xml DEBIAN http://www.debian.org/security/2006/dsa-1137 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-166.htm CERT http://www.us-cert.gov/cas/techalerts/TA06-214A.html BID 19282 19289 APPLE http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html

Return to the previous page.