Red Hat Customer Portal

Skip to main content

CVE-2006-3460

Impact:
Important
Public Date:
2006-08-01
Bugzilla:
199111: CVE-2006-3459 Multiple libtiff flaws (CVE-2006-3460 CVE-2006-3461 CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465)

The MITRE CVE dictionary describes this issue as:

Heap-based buffer overflow in the JPEG decoder in the TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an encoded JPEG stream that is longer than the scan line size (TiffScanLineSize).

Find out more about CVE-2006-3460 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 2.1 (libtiff) RHSA-2006:0603 2006-08-02
Red Hat Enterprise Linux 4 (libtiff) RHSA-2006:0603 2006-08-02
Red Hat Enterprise Linux 3 (kdegraphics) RHSA-2006:0648 2006-08-28
Red Hat Enterprise Linux 3 (libtiff) RHSA-2006:0603 2006-08-02
Red Hat Enterprise Linux 2.1 (kdegraphics) RHSA-2006:0648 2006-08-28