CVE Database

CVE-2006-3460

Impact: Important
Public: 2006-08-01
Bugzilla: 199111: CVE-2006-3459 Multiple libtiff flaws (CVE-2006-3460 CVE-2006-3461 CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465)

Details

The MITRE CVE dictionary describes this issue as:

Heap-based buffer overflow in the JPEG decoder in the TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an encoded JPEG stream that is longer than the scan line size (TiffScanLineSize).

Find out more about CVE-2006-3460 from the MITRE CVE dictionary and NIST NVD.

Statement

Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

Red Hat security errata

| Platform | Errata | Release Date |
| --- | --- | --- |
| Red Hat Enterprise Linux version 2.1 (kdegraphics) | RHSA-2006:0648 | August 28, 2006 |
| Red Hat Enterprise Linux version 2.1 (libtiff) | RHSA-2006:0603 | August 02, 2006 |
| Red Hat Enterprise Linux version 3 (kdegraphics) | RHSA-2006:0648 | August 28, 2006 |
| Red Hat Enterprise Linux version 3 (libtiff) | RHSA-2006:0603 | August 02, 2006 |
| Red Hat Enterprise Linux version 4 (libtiff) | RHSA-2006:0603 | August 02, 2006 |

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.