Published: 22/02/2007 Updated: 08/03/2011

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

VMScore: 785

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Integer overflow in the gifGetBandProc function in ImageIO in Apple Mac OS X 10.4.8 allows remote malicious users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image that triggers the overflow during decompression. NOTE: this is a different issue than CVE-2006-3502 and CVE-2006-3503.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple mac os x 10.4.8
apple mac os x server 10.4.8

source: wwwsecurityfocuscom/bid/22630/info Apple Mac OS X ImageIO is prone to an integer-overflow vulnerability because it fails to handle specially crafted image files A remote attacker can exploit this issue to cause denial-of-service conditions and potentially to execute code, but this has not been confirmed This issue affects Mac ...

NVD-CWE-Other http://security-protocols.com/sp-x39-advisory.php http://www.securityfocus.com/bid/22630 http://docs.info.apple.com/article.html?artnum=305214 http://www.kb.cert.org/vuls/id/559444 http://www.securitytracker.com/id?1017758 http://secunia.com/advisories/24479 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://www.us-cert.gov/cas/techalerts/TA07-072A.html http://www.osvdb.org/34854 http://www.vupen.com/english/advisories/2007/0930 https://nvd.nist.gov https://www.exploit-db.com/exploits/29620/https://www.kb.cert.org/vuls/id/559444

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-1071

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect