Integer overflow in ColorSync in Apple Safari prior to 4.0.5 on Windows, and iTunes prior to 9.1, allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via an image with a crafted color profile that triggers a heap-based buffer overflow.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
apple safari |
||
apple safari 4.0 |
||
apple safari 4.0.0b |
||
apple safari 4.0.1 |
||
apple safari 4.0.2 |
||
apple safari 4.0.3 |
Vulmon