PT-2005-2333 · Apple · Cocoa+2
Henrik Dalgaard
·
Publicado
2005-05-04
·
Atualizado
2008-09-05
·
CVE-2005-1330
CVSS v2.0
4.9
Média
| Vetor | AV:L/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions:
AppKit in Mac OS X version 10.3.9
Description:
The issue allows attackers to cause a denial of service, resulting in a Cocoa application crash, by utilizing a malformed TIFF image. This image causes the NXSeek to use an incorrect offset, leading to an unhandled exception.
Recommendations:
For Mac OS X version 10.3.9, consider avoiding the use of malformed TIFF images to prevent the denial of service. As a temporary workaround, restrict the handling of TIFF images in Cocoa applications until a fix is available.
Correção
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Appkit
Cocoa
Macos X