CVE-2006-3464 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-3464
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-3464

Description: TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to pass numeric range checks and possibly execute code, and trigger assert errors, via large offset values in a TIFF directory that lead to an integer overflow and other unspecified vectors involving "unchecked arithmetic operations".

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-330-1 TRUSTIX http://lwn.net/Alerts/194228/ SUSE http://www.novell.com/linux/security/advisories/2006_44_libtiff.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-66-201331-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103160-1 ST 1016628 SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.536600 SGI SAID Secunia Advisory: SA21598 Secunia Advisory: SA21632 Secunia Advisory: SA21537 Secunia Advisory: SA21501 Secunia Advisory: SA21392 Secunia Advisory: SA21334 Secunia Advisory: SA21290 Secunia Advisory: SA21370 Secunia Advisory: SA21274 Secunia Advisory: SA21304 Secunia Advisory: SA22036 Secunia Advisory: SA21319 Secunia Advisory: SA21338 Secunia Advisory: SA21346 Secunia Advisory: SA27832 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0648.html http://www.redhat.com/support/errata/RHSA-2006-0603.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2006:136 http://www.mandriva.com/security/advisories?name=MDKSA-2006:137 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200608-07.xml DEBIAN http://www.debian.org/security/2006/dsa-1137 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-166.htm BID 19286

Return to the previous page.