Multiple libtiff flaws (CVE-2006-3460 CVE-2006-3461 CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465)
The EstimateStripByteCounts function in TIFF library libtiff before 3.8.2 uses a 16-bit unsigned short when iterating over an unsigned 32-bit value, which allows context-dependent attackers to cause a denial of service via a large tdnstrips value, which triggers an infinite loop...