Unspecified vulnerability in the custom tag support for the TIFF library (libtiff) before 3.8.2 allows remote attackers to cause a denial of service (instability or crash) and execute arbitrary code via unknown vectors.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Libtiff
  • Libtiff
Redhat
  • Enterprise Linux

Configuration 1 [-]

cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 3
libtiff-0:3.5.7-25.el3.4 cpe:/o:redhat:enterprise_linux:3 RHSA-2006:0603 2006-08-02T00:00:00Z
kdegraphics-7:3.1.3-3.10 cpe:/o:redhat:enterprise_linux:3 RHSA-2006:0648 2006-08-28T00:00:00Z
Red Hat Enterprise Linux 4
libtiff-0:3.6.1-12 cpe:/o:redhat:enterprise_linux:4 RHSA-2006:0603 2006-08-02T00:00:00Z
References
Link Providers
ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P cve-icon cve-icon
ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc cve-icon cve-icon
http://docs.info.apple.com/article.html?artnum=304063 cve-icon cve-icon
http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html cve-icon cve-icon
http://lwn.net/Alerts/194228/ cve-icon cve-icon
http://secunia.com/advisories/21253 cve-icon cve-icon
http://secunia.com/advisories/21274 cve-icon cve-icon
http://secunia.com/advisories/21290 cve-icon cve-icon
http://secunia.com/advisories/21304 cve-icon cve-icon
http://secunia.com/advisories/21319 cve-icon cve-icon
http://secunia.com/advisories/21334 cve-icon cve-icon
http://secunia.com/advisories/21338 cve-icon cve-icon
http://secunia.com/advisories/21346 cve-icon cve-icon
http://secunia.com/advisories/21370 cve-icon cve-icon
http://secunia.com/advisories/21392 cve-icon cve-icon
http://secunia.com/advisories/21501 cve-icon cve-icon
http://secunia.com/advisories/21537 cve-icon cve-icon
http://secunia.com/advisories/21598 cve-icon cve-icon
http://secunia.com/advisories/21632 cve-icon cve-icon
http://secunia.com/advisories/22036 cve-icon cve-icon
http://secunia.com/advisories/27832 cve-icon cve-icon
http://securitytracker.com/id?1016628 cve-icon cve-icon
http://securitytracker.com/id?1016671 cve-icon cve-icon
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.536600 cve-icon cve-icon
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103160-1 cve-icon cve-icon
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201331-1 cve-icon cve-icon
http://support.avaya.com/elmodocs2/security/ASA-2006-166.htm cve-icon cve-icon
http://www.debian.org/security/2006/dsa-1137 cve-icon cve-icon
http://www.gentoo.org/security/en/glsa/glsa-200608-07.xml cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDKSA-2006:137 cve-icon cve-icon
http://www.novell.com/linux/security/advisories/2006_44_libtiff.html cve-icon cve-icon
http://www.osvdb.org/27729 cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2006-0603.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2006-0648.html cve-icon cve-icon
http://www.securityfocus.com/bid/19287 cve-icon cve-icon
http://www.securityfocus.com/bid/19289 cve-icon cve-icon
http://www.ubuntu.com/usn/usn-330-1 cve-icon cve-icon
http://www.us-cert.gov/cas/techalerts/TA06-214A.html cve-icon cve-icon
http://www.vupen.com/english/advisories/2006/3101 cve-icon cve-icon
http://www.vupen.com/english/advisories/2006/3105 cve-icon cve-icon
http://www.vupen.com/english/advisories/2007/4034 cve-icon cve-icon
https://issues.rpath.com/browse/RPL-558 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2006-3465 cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9067 cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2006-3465 cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2006-08-03T01:00:00

Updated: 2024-08-07T18:30:33.913Z

Reserved: 2006-07-10T00:00:00

Link: CVE-2006-3465

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2006-08-03T01:04:00.000

Modified: 2017-10-11T01:31:03.267

Link: CVE-2006-3465

cve-icon Redhat

Severity : Important

Publid Date: 2006-08-01T00:00:00Z

Links: CVE-2006-3465 - Bugzilla