CVE-2006-3461

Name of the Vulnerable Software and Affected Versions libtiff versions prior to 3.8.2 kdegraphics-2.2.2 kdegraphics-3.1.3 libtiff-devel (affected versions not specified) libtiff-64bit (affected versions not specified) libtiff-devel-64bit (affected versions not specified) libtiff-devel-32bit (affected versions not specified) libtiff-32bit (affected versions not specified) libtiffxx0 (affected versions not specified) tiff versions prior to 3.8.2-r2

Description The issue is related to multiple vulnerabilities in the libtiff library, which may allow context-dependent attackers to execute arbitrary code or disrupt the confidentiality, integrity, and availability of protected information. The vulnerabilities can be exploited remotely.

Recommendations For libtiff versions prior to 3.8.2, update to version 3.8.2 or later. For kdegraphics-2.2.2, consider disabling the vulnerable components until a patch is available. For kdegraphics-3.1.3, consider disabling the vulnerable components until a patch is available. For libtiff-devel, libtiff-64bit, libtiff-devel-64bit, libtiff-devel-32bit, libtiff-32bit, and libtiffxx0, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For tiff versions prior to 3.8.2-r2, update to version 3.8.2-r2 or later.