CVE-2007-0647

Name of the Vulnerable Software and Affected Versions Help Viewer version 3.0.0

Description The issue allows remote user-assisted attackers to cause a denial of service, resulting in a crash. This occurs when format string specifiers are included in a filename and not properly handled when calling the NSBeginAlertSheet function from the Apple AppKit.

Recommendations For Help Viewer version 3.0.0, consider restricting the handling of filenames with format string specifiers to prevent the denial of service. As a temporary workaround, avoid using filenames that include format string specifiers until a patch is available.