PT-2009-4199 · Apple · Colorsync+2
Andrzej Dyjak
+1
·
Publicado
2009-08-06
·
Atualizado
2017-09-29
·
CVE-2009-1726
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Apple Mac OS X versions 10.4.11 through 10.5.7
Description:
The issue is related to a heap-based buffer overflow in ColorSync, which can be exploited by remote attackers through a crafted image containing an embedded ColorSync profile. This can lead to the execution of arbitrary code or cause a denial of service, resulting in an application crash.
Recommendations:
For Apple Mac OS X versions 10.4.11 through 10.5.7, update to version 10.5.8 or later to resolve the issue.
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Colorsync
Macos X
Safari