Описание
Integer overflow in ImageIO in Apple Mac OS X before 10.5.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG2000 image that triggers a heap-based buffer overflow.
Ссылки
- Patch
- Vendor Advisory
- PatchUS Government Resource
- Vendor Advisory
- Patch
- Vendor Advisory
- PatchUS Government Resource
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*
EPSS
Процентиль: 91%
0.06438
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
Integer overflow in ImageIO in Apple Mac OS X before 10.5.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG2000 image that triggers a heap-based buffer overflow.
EPSS
Процентиль: 91%
0.06438
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-119