cpe:/a:libtiff:libtiff:3.8.1 CVE-2006-3464 2006-08-02T21:04:00.000-04:00 2017-10-10T21:31:03.173-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-08-04T08:08:00.000-04:00 SECTRACK 1016628 SUNALERT 103160 BID 19286 TRUSTIX 2006-0044 SGI 20060801-01-P SGI 20060901-01-P SUNALERT 201331 SECUNIA 21274 SECUNIA 21290 SECUNIA 21304 SECUNIA 21319 SECUNIA 21334 SECUNIA 21338 SECUNIA 21346 SECUNIA 21370 SECUNIA 21392 SECUNIA 21501 SECUNIA 21537 SECUNIA 21598 SECUNIA 21632 SECUNIA 22036 SECUNIA 27832 VUPEN ADV-2006-3105 VUPEN ADV-2007-4034 DEBIAN DSA-1137 GENTOO GLSA-200608-07 MANDRIVA MDKSA-2006:136 MANDRIVA MDKSA-2006:137 REDHAT RHSA-2006:0603 REDHAT RHSA-2006:0648 SLACKWARE SSA:2006-230 SLACKWARE SSA:2006-230-01 SUSE SUSE-SA:2006:044 UBUNTU USN-330-1 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-166.htm CONFIRM https://issues.rpath.com/browse/RPL-558 TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to pass numeric range checks and possibly execute code, and trigger assert errors, via large offset values in a TIFF directory that lead to an integer overflow and other unspecified vectors involving "unchecked arithmetic operations".