Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3460

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-3460
Last Modified 17 Oct 2011 12:00:00
Published 02 Aug 2006 09:04:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-3460

Summary

Heap-based buffer overflow in the JPEG decoder in the TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an encoded JPEG stream that is longer than the scan line size (TiffScanLineSize).

Vulnerable Systems

Application

  • Libtiff 3.8.1


References

DEBIAN - DSA-1137

CONFIRM - https://issues.rpath.com/browse/RPL-558

VUPEN - ADV-2007-4034

VUPEN - ADV-2007-3486

VUPEN - ADV-2006-3105

VUPEN - ADV-2006-3101

UBUNTU - USN-330-1

BID - 19289

BID - 19288

REDHAT - RHSA-2006:0648

REDHAT - RHSA-2006:0603

SUSE - SUSE-SA:2006:044

MANDRIVA - MDKSA-2006:137

MANDRIVA - MDKSA-2006:136

GENTOO - GLSA-200608-07

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2006-166.htm

SUNALERT - 201331

SUNALERT - 103160

SLACKWARE - SSA:2006-230-01

SLACKWARE - SSA:2006-230

SECTRACK - 1016628

SECUNIA - 27832

SECUNIA - 27222

SECUNIA - 27181

SECUNIA - 22036

SECUNIA - 21632

SECUNIA - 21598

SECUNIA - 21537

SECUNIA - 21501

SECUNIA - 21392

SECUNIA - 21370

SECUNIA - 21346

SECUNIA - 21338

SECUNIA - 21334

SECUNIA - 21319

SECUNIA - 21304

SECUNIA - 21290

SECUNIA - 21274

TRUSTIX - 2006-0044

SGI - 20060901-01-P

SGI - 20060801-01-P


Last Updated: 27 May 2016 10:43:01