CVE-2006-3460

Published: March 8, 2006

Heap-based buffer overflow in the JPEG decoder in the TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an encoded JPEG stream that is longer than the scan line size (TiffScanLineSize).

HIGH
CVSS v2: 7.5

Status

DocFilters Release	Package	State	Justification	Comment
25.1	libtiff (4.6.0)	Not Affected	Code Not Present	4.6.0 does not match CVE configuration.
24.4	libtiff (4.6.0)	Not Affected	Code Not Present	4.6.0 does not match CVE configuration.
24.4.0	libtiff (4.6.0)	Not Affected	Code Not Present	4.6.0 does not match CVE configuration.
24.3	libtiff (4.6.0)	Not Affected	Code Not Present	4.6.0 does not match CVE configuration.
24.2.1	libtiff (4.6.0)	Not Affected	Code Not Present	4.6.0 does not match CVE configuration.
24.2	libtiff (4.6.0)	Not Affected	Code Not Present	4.6.0 does not match CVE configuration.
24.1	libtiff (4.6.0)	Not Affected	Code Not Present	4.6.0 does not match CVE configuration.
23.3	libtiff (4.5.1)	Not Affected	Code Not Present	4.5.1 does not match CVE configuration.
23.2.1	libtiff (4.3.0)	Not Affected	Code Not Present	4.3.0 does not match CVE configuration.
23.2	libtiff (4.3.0)	Not Affected	Code Not Present	4.3.0 does not match CVE configuration.
23.1	libtiff (4.3.0)	Not Affected	Code Not Present	4.3.0 does not match CVE configuration.
22.4	libtiff (4.3.0)	Not Affected	Code Not Present	4.3.0 does not match CVE configuration.
22.3	libtiff (4.3.0)	Not Affected	Code Not Present	4.3.0 does not match CVE configuration.
22.2	libtiff (4.3.0)	Not Affected	Code Not Present	4.3.0 does not match CVE configuration.
22.1	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
21.11.1	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
21.11	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
21.8.1	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
21.8	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
21.5.1	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
21.5.0	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
21.2.0	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
11.4.20	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
11.4.19.3667	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
11.4.18.3599	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
11.4.17	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
11.4.16.3445	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
11.4.15.3368	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
11.4.14.3263	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
11.4.13.3179	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
11.4.12.3054	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
11.4.11.3040	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
11.4.11.2990	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
11.4.10.2934	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
11.4.9.2878	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.
11.4.8.2822	libtiff (4.0.8)	Not Affected	Code Not Present	4.0.8 does not match CVE configuration.

Severity score breakdown

References

NVD
MITRE