CVE-2006-3463

Impact:
Important
Public Date:
2006-08-01
Bugzilla:
199111: CVE-2006-3459 Multiple libtiff flaws (CVE-2006-3460 CVE-2006-3461 CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465)

The MITRE CVE dictionary describes this issue as:

The EstimateStripByteCounts function in TIFF library (libtiff) before 3.8.2 uses a 16-bit unsigned short when iterating over an unsigned 32-bit value, which allows context-dependent attackers to cause a denial of service via a large td_nstrips value, which triggers an infinite loop.

Find out more about CVE-2006-3463 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 2.1 (libtiff) RHSA-2006:0603 2006-08-02
Red Hat Enterprise Linux 4 (libtiff) RHSA-2006:0603 2006-08-02
Red Hat Enterprise Linux 3 (kdegraphics) RHSA-2006:0648 2006-08-28
Red Hat Enterprise Linux 3 (libtiff) RHSA-2006:0603 2006-08-02
Red Hat Enterprise Linux 2.1 (kdegraphics) RHSA-2006:0648 2006-08-28
Last Modified

CVE description copyright © 2017, The MITRE Corporation