CVE-2006-3464

Impact:
Important
Public Date:
2006-08-01
Bugzilla:
199111: CVE-2006-3459 Multiple libtiff flaws (CVE-2006-3460 CVE-2006-3461 CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465)

The MITRE CVE dictionary describes this issue as:

TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to pass numeric range checks and possibly execute code, and trigger assert errors, via large offset values in a TIFF directory that lead to an integer overflow and other unspecified vectors involving "unchecked arithmetic operations".

Find out more about CVE-2006-3464 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 2.1 (libtiff) RHSA-2006:0603 2006-08-02
Red Hat Enterprise Linux 4 (libtiff) RHSA-2006:0603 2006-08-02
Red Hat Enterprise Linux 3 (kdegraphics) RHSA-2006:0648 2006-08-28
Red Hat Enterprise Linux 3 (libtiff) RHSA-2006:0603 2006-08-02
Red Hat Enterprise Linux 2.1 (kdegraphics) RHSA-2006:0648 2006-08-28
Last Modified

CVE description copyright © 2017, The MITRE Corporation