CVE-2009-0155

Name of the Vulnerable Software and Affected Versions Apple Mac OS X versions 10.5 through 10.5.6 Apple iPhone OS versions 1.0 through 2.2.1 Apple iPhone OS for iPod touch versions 1.1 through 2.2.1

Description The issue is caused by an integer underflow in CoreGraphics, allowing remote attackers to execute arbitrary code or cause a denial of service via a crafted PDF file that triggers a heap-based buffer overflow.

Recommendations For Apple Mac OS X versions 10.5 through 10.5.6, update to version 10.5.7 or later. For Apple iPhone OS versions 1.0 through 2.2.1, update to a version later than 2.2.1. For Apple iPhone OS for iPod touch versions 1.1 through 2.2.1, update to a version later than 2.2.1.