CVE-2008-2322

Name of the Vulnerable Software and Affected Versions: Apple Mac OS X versions 10.4.11, 10.5.2, 10.5.4

Description: The issue allows remote attackers to execute arbitrary code or cause a denial of service, resulting in an application crash, via a PDF file with a long Type 1 font. This triggers a heap-based buffer overflow due to an integer overflow in CoreGraphics.

Recommendations: For Apple Mac OS X version 10.4.11, update to a version that includes the fix for the integer overflow in CoreGraphics. For Apple Mac OS X version 10.5.2, update to a version that includes the fix for the integer overflow in CoreGraphics. For Apple Mac OS X version 10.5.4, update to a version that includes the fix for the integer overflow in CoreGraphics.