Secunia

icon customer login

Community Login

icon customer login

icon customer login

Secunia CSI 5.0

Products

Solutions

Customers

Partner

Resources

Company

Careers

Community

CVE Reference: CVE-2006-3464
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-3464

Description: TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to pass numeric range checks and possibly execute code, and trigger assert errors, via large offset values in a TIFF directory that lead to an integer overflow and other unspecified vectors involving "unchecked arithmetic operations".

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-330-1 TRUSTIX http://lwn.net/Alerts/194228/ SUSE http://www.novell.com/linux/security/advisories/2006_44_libtiff.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-103160-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201331-1 ST 1016628 SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.536600 SGI SAID Secunia Advisory: SA21537 Secunia Advisory: SA21501 Secunia Advisory: SA21392 Secunia Advisory: SA21334 Secunia Advisory: SA21290 Secunia Advisory: SA21274 Secunia Advisory: SA21370 Secunia Advisory: SA21632 Secunia Advisory: SA21598 Secunia Advisory: SA22036 Secunia Advisory: SA21304 Secunia Advisory: SA21319 Secunia Advisory: SA21338 Secunia Advisory: SA21346 Secunia Advisory: SA27832 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0648.html http://www.redhat.com/support/errata/RHSA-2006-0603.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10916 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2006:137 http://www.mandriva.com/security/advisories?name=MDKSA-2006:136 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200608-07.xml DEBIAN http://www.debian.org/security/2006/dsa-1137 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-166.htm BID 19286

Return to the previous page.

Products

Solutions

Customers

Partner

Resources

Company

Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)

Industry
Compliance
Technology
Integration

Customers
Testimonials

VARS
MSSP
Technology Partners
References

Factsheets
Reports & Papers
Webinars
Events

About us
Careers
Memberships
Newsroom

© 2002-2012 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability