CVE-2006-3464

TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to pass numeric range checks and possibly execute code, and trigger assert errors, via large offset values in a TIFF directory that lead to an integer overflow and other unspecified vectors involving "unchecked arithmetic operations".

🔗 References (72)

• secalert@redhatftp://patches.sgi.com/support/free/security/advisories/20060801-01-P
• secalert@redhatftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc
• secalert@redhathttp://lwn.net/Alerts/194228/
• secalert@redhathttp://secunia.com/advisories/21274
• secalert@redhathttp://secunia.com/advisories/21290
• secalert@redhathttp://secunia.com/advisories/21304
• secalert@redhathttp://secunia.com/advisories/21319
• secalert@redhathttp://secunia.com/advisories/21334
• secalert@redhathttp://secunia.com/advisories/21338
• secalert@redhathttp://secunia.com/advisories/21346
• secalert@redhathttp://secunia.com/advisories/21370
• secalert@redhathttp://secunia.com/advisories/21392
• secalert@redhathttp://secunia.com/advisories/21501
• secalert@redhathttp://secunia.com/advisories/21537
• secalert@redhathttp://secunia.com/advisories/21598