Integer overflow in the CFDataReplaceBytes function in the CFData API in CoreFoundation in Apple Mac OS X prior to 10.5.3 allows context-dependent malicious users to execute arbitrary code or cause a denial of service (crash) via an invalid length argument, which triggers a heap-based buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple mac os x 10.5.1 |
||
apple mac os x 10.5.2 |
||
apple mac os x server 10.4.11 |
||
apple mac os x server 10.5 |
||
apple mac os x server 10.5.1 |
||
apple mac os x server 10.5.2 |
||
apple mac os x 10.4.11 |
||
apple mac os x 10.5 |