Barry K. Nathan

**Name of the Vulnerable Software and Affected Versions** Apple Mac OS X versions 10.5 through 10.5.6 Apple iPhone OS versions 1.0 through 2.2.1 Apple iPhone OS for iPod touch versions 1.1 through 2.2.1 **Description** The issue is caused by an integer underflow in CoreGraphics, allowing remote attackers to execute arbitrary code or cause a denial of service via a crafted PDF file that triggers a heap-based buffer overflow. **Recommendations** For Apple Mac OS X versions 10.5 through 10.5.6, update to version 10.5.7 or later. For Apple iPhone OS versions 1.0 through 2.2.1, update to a version later than 2.2.1. For Apple iPhone OS for iPod touch versions 1.1 through 2.2.1, update to a version later than 2.2.1.