Описание
The BMP and GIF image decoding engine in ImageIO in Apple Mac OS X before 10.5.3 allows remote attackers to obtain sensitive information (memory contents) via a crafted (1) BMP or (2) GIF image, which causes an out-of-bounds read.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Patch
- US Government Resource
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Patch
- US Government Resource
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 10.5.2 (включая)Версия до 10.5.2 (включая)
Одно из
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*
EPSS
Процентиль: 73%
0.00784
Низкий
7.1 High
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
The BMP and GIF image decoding engine in ImageIO in Apple Mac OS X before 10.5.3 allows remote attackers to obtain sensitive information (memory contents) via a crafted (1) BMP or (2) GIF image, which causes an out-of-bounds read.
EPSS
Процентиль: 73%
0.00784
Низкий
7.1 High
CVSS2
Дефекты
CWE-119