National Vulnerability Database (NVD) National Vulnerability Database (CVE-2006-3462)

National Cyber Awareness System

Vulnerability Summary for CVE-2006-3462

Original release date:08/03/2006

Last revised:10/17/2011

Source: US-CERT/NIST

Overview

Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library (libtiff) before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors involving decoding large RLE images.

Impact

CVSS Severity (version 2.0):

CVSS v2 Base Score:7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) (legend)

Impact Subscore: 6.4

Exploitability Subscore: 10.0

CVSS Version 2 Metrics:

Access Vector: Network exploitable

Access Complexity: Low

Authentication: Not required to exploit

Impact Type:Provides user account access, Allows partial confidentiality, integrity, and availability violation; Allows unauthorized disclosure of information; Allows disruption of service

Vendor Statements (disclaimer)

Official Statement from Red Hat (03/14/2007)

Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

US-CERT Technical Alert: TA06-214A

Name: TA06-214A

Hyperlink:http://www.us-cert.gov/cas/techalerts/TA06-214A.html

External Source: DEBIAN

Name: DSA-1137

Type: Advisory; Patch Information

Hyperlink:http://www.debian.org/security/2006/dsa-1137

External Source: CONFIRM

Name: https://issues.rpath.com/browse/RPL-558

Hyperlink:https://issues.rpath.com/browse/RPL-558

External Source: VUPEN

Name: ADV-2007-4034

Type: Advisory

Hyperlink:http://www.vupen.com/english/advisories/2007/4034

External Source: VUPEN

Name: ADV-2007-3486

Type: Advisory

Hyperlink:http://www.vupen.com/english/advisories/2007/3486

External Source: VUPEN

Name: ADV-2006-3105

Type: Advisory

Hyperlink:http://www.vupen.com/english/advisories/2006/3105

External Source: VUPEN

Name: ADV-2006-3101

Type: Advisory

Hyperlink:http://www.vupen.com/english/advisories/2006/3101

External Source: UBUNTU

Name: USN-330-1

Hyperlink:http://www.ubuntu.com/usn/usn-330-1

External Source: BID

Name: 19289

Hyperlink:http://www.securityfocus.com/bid/19289

External Source: BID

Name: 19282

Hyperlink:http://www.securityfocus.com/bid/19282

External Source: REDHAT

Name: RHSA-2006:0648

Type: Advisory

Hyperlink:http://www.redhat.com/support/errata/RHSA-2006-0648.html

External Source: REDHAT

Name: RHSA-2006:0603

Type: Advisory

Hyperlink:http://www.redhat.com/support/errata/RHSA-2006-0603.html

External Source: OSVDB

Name: 27726

Hyperlink:http://www.osvdb.org/27726

External Source: SUSE

Name: SUSE-SA:2006:044

Hyperlink:http://www.novell.com/linux/security/advisories/2006_44_libtiff.html

External Source: MANDRIVA

Name: MDKSA-2006:137

Hyperlink:http://www.mandriva.com/security/advisories?name=MDKSA-2006:137

External Source: MANDRIVA

Name: MDKSA-2006:136

Hyperlink:http://www.mandriva.com/security/advisories?name=MDKSA-2006:136

External Source: GENTOO

Name: GLSA-200608-07

Hyperlink:http://www.gentoo.org/security/en/glsa/glsa-200608-07.xml

External Source: CONFIRM

Name: http://support.avaya.com/elmodocs2/security/ASA-2006-166.htm

Hyperlink:http://support.avaya.com/elmodocs2/security/ASA-2006-166.htm

External Source: SUNALERT

Name: 201331

Hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-66-201331-1

External Source: SUNALERT

Name: 103160

Hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-26-103160-1

External Source: SLACKWARE

Name: SSA:2006-230

Hyperlink:http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.536600

External Source: SLACKWARE

Name: SSA:2006-230

Hyperlink:http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.536600

External Source: SECTRACK

Name: 1016671

Hyperlink:http://securitytracker.com/id?1016671

External Source: SECTRACK

Name: 1016628

Hyperlink:http://securitytracker.com/id?1016628

External Source: SECUNIA

Name: 27832

Type: Advisory

Hyperlink:http://secunia.com/advisories/27832

External Source: SECUNIA

Name: 27222

Type: Advisory

Hyperlink:http://secunia.com/advisories/27222

External Source: SECUNIA

Name: 27181

Type: Advisory

Hyperlink:http://secunia.com/advisories/27181

External Source: SECUNIA

Name: 22036

Type: Advisory

Hyperlink:http://secunia.com/advisories/22036

External Source: SECUNIA

Name: 21632

Type: Advisory

Hyperlink:http://secunia.com/advisories/21632

External Source: SECUNIA

Name: 21598

Type: Advisory

Hyperlink:http://secunia.com/advisories/21598

External Source: SECUNIA

Name: 21537

Type: Advisory

Hyperlink:http://secunia.com/advisories/21537

External Source: SECUNIA

Name: 21501

Type: Advisory

Hyperlink:http://secunia.com/advisories/21501

External Source: SECUNIA

Name: 21392

Type: Advisory

Hyperlink:http://secunia.com/advisories/21392

External Source: SECUNIA

Name: 21370

Type: Advisory

Hyperlink:http://secunia.com/advisories/21370

External Source: SECUNIA

Name: 21346

Type: Advisory

Hyperlink:http://secunia.com/advisories/21346

External Source: SECUNIA

Name: 21338

Type: Advisory

Hyperlink:http://secunia.com/advisories/21338

External Source: SECUNIA

Name: 21334

Type: Advisory

Hyperlink:http://secunia.com/advisories/21334

External Source: SECUNIA

Name: 21319

Type: Advisory

Hyperlink:http://secunia.com/advisories/21319

External Source: SECUNIA

Name: 21304

Type: Advisory

Hyperlink:http://secunia.com/advisories/21304

External Source: SECUNIA

Name: 21290

Type: Advisory

Hyperlink:http://secunia.com/advisories/21290

External Source: SECUNIA

Name: 21274

Type: Advisory

Hyperlink:http://secunia.com/advisories/21274

External Source: SECUNIA

Name: 21253

Type: Advisory

Hyperlink:http://secunia.com/advisories/21253

External Source: OVAL

Name: oval:org.mitre.oval:def:11301

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11301

External Source: TRUSTIX

Name: 2006-0044

Hyperlink:http://lwn.net/Alerts/194228/

External Source: APPLE

Name: APPLE-SA-2006-08-01

Hyperlink:http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html

External Source: MISC

Name: http://docs.info.apple.com/article.html?artnum=304063

Hyperlink:http://docs.info.apple.com/article.html?artnum=304063

External Source: SGI

Name: 20060901-01-P

Hyperlink:ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc

External Source: SGI

Name: 20060801-01-P

Hyperlink:ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P

References to Check Content

Identifier:oval:org.mitre.oval:def:11301

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:11301

Vulnerable software and versions

Configuration 1

* cpe:/a:libtiff:libtiff:3.8.1 and previous versions

* Denotes Vulnerable Software

Technical Details

Vulnerability Type (View All)

Buffer Errors (CWE-119)

CVE Standard Vulnerability Entry:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3462