PT-2007-1544 · Apple · Iphoto
Kevin Finisterre
·
Publicado
2007-01-04
·
Atualizado
2018-10-16
·
CVE-2007-0051
CVSS v2.0
6.8
Média
| Vetor | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Apple iPhoto versions 6.0.5 and prior to 6.0.6
Description
The issue allows remote user-assisted attackers to execute arbitrary code via a crafted photocast with format string specifiers in the title of an RSS iPhoto feed.
Recommendations
For Apple iPhoto versions 6.0.5 and prior to 6.0.6, update to version 6.0.6 or later to resolve the issue.
Exploit
Correção
Use of Externally-Controlled Format String
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Iphoto