PT-2005-2333 · Apple · Cocoa+2

Henrik Dalgaard

Published

2005-05-04

Updated

2008-09-05

CVE-2005-1330

CVSS v2.0

4.9

Medium

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions: AppKit in Mac OS X version 10.3.9

Description: The issue allows attackers to cause a denial of service, resulting in a Cocoa application crash, by utilizing a malformed TIFF image. This image causes the NXSeek to use an incorrect offset, leading to an unhandled exception.

Recommendations: For Mac OS X version 10.3.9, consider avoiding the use of malformed TIFF images to prevent the denial of service. As a temporary workaround, restrict the handling of TIFF images in Cocoa applications until a fix is available.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2005-1330

Affected Products

Appkit

Cocoa

Macos X

PT-2005-2333 · Apple · Cocoa+2

CVE-2005-1330

Weakness Enumeration

Related Identifiers

Affected Products

References · 2