Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Fedora Local Security Checks
Title:Fedora Core 4 FEDORA-2006-878 (libtiff)

The remote host is missing an update to libtiff
announced via advisory FEDORA-2006-878.

The libtiff package contains a library of functions for manipulating
TIFF (Tagged Image File Format) image format files. TIFF is a widely
used file format for bitmapped images. TIFF files usually end in the
.tif extension and they are often quite large.

The libtiff package should be installed if you need to manipulate TIFF
format image files.

Update Information:

The libtiff package contains a library of functions for
manipulating TIFF (Tagged Image File Format) files.

Tavis Ormandy of Google discovered a number of flaws in
libtiff during a security audit. An attacker could create a
carefully crafted TIFF file in such a way that it was
possible to cause an application linked with libtiff to
crash or possibly execute arbitrary code. (CVE-2006-3459,
CVE-2006-3460, CVE-2006-3461, CVE-2006-3462, CVE-2006-3463,
CVE-2006-3464, CVE-2006-3465)

All users are advised to upgrade to these updated packages,
which contain backported fixes for these issues.
* Tue Aug 1 2006 Matthias Clasen
- Fix several vulnerabilities (CVE-2006-3460 CVE-2006-3461
CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465)

Solution: Apply the appropriate updates.

This update can be downloaded from:

This update can be installed with the 'yum' update program. Use 'yum update
package-name' at the command line. For more information, refer to 'Managing
Software with yum,' available at

Risk factor : High

CVSS Score:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2006-3459
BugTraq ID: 19283
BugTraq ID: 19289
Cert/CC Advisory: TA06-214A
Debian Security Information: DSA-1137 (Google Search)
SGI Security Advisory: 20060801-01-P
SGI Security Advisory: 20060901-01-P
SuSE Security Announcement: SUSE-SA:2006:044 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2006-3460
BugTraq ID: 19288
Common Vulnerability Exposure (CVE) ID: CVE-2006-3461
BugTraq ID: 19290
Common Vulnerability Exposure (CVE) ID: CVE-2006-3462
BugTraq ID: 19282
Common Vulnerability Exposure (CVE) ID: CVE-2006-3463
BugTraq ID: 19284
Common Vulnerability Exposure (CVE) ID: CVE-2006-3464
BugTraq ID: 19286
Common Vulnerability Exposure (CVE) ID: CVE-2006-3465
BugTraq ID: 19287
CopyrightCopyright (c) 2007 E-Soft Inc.

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2022 E-Soft Inc. All rights reserved.