PT-2009-2838 · Apple · Coregraphics+2
Published
2009-05-13
·
Updated
2017-08-08
·
CVE-2009-0145
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
CoreGraphics in Apple Mac OS X versions 10.4.11 through 10.5.6
CoreGraphics in Apple iPhone OS versions 1.0 through 2.2.1
CoreGraphics in Apple iPhone OS for iPod touch versions 1.1 through 2.2.1
Description
The issue allows remote attackers to execute arbitrary code or cause a denial of service, resulting in an application crash, via a crafted PDF file that triggers memory corruption.
Recommendations
For Mac OS X versions 10.4.11 through 10.5.6, update to version 10.5.7 or later.
For iPhone OS versions 1.0 through 2.2.1, update to a version later than 2.2.1.
For iPhone OS for iPod touch versions 1.1 through 2.2.1, update to a version later than 2.2.1.
Fix
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Coregraphics
Macos X
Ios