Integer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to cause a denial of service (crash) via a crafted JPEG image with malformed JPEG metadata, as demonstrated using Safari, aka "Deja-Doom".
References
Link | Resource |
---|---|
http://drunkenblog.com/drunkenblog-archives/000760.html | |
http://www.securityfocus.com/bid/17321 | |
http://lists.apple.com/archives/security-announce/2006/May/msg00003.html | Patch |
http://www.us-cert.gov/cas/techalerts/TA06-132A.html | Patch Third Party Advisory US Government Resource |
http://secunia.com/advisories/20077 | Patch Vendor Advisory |
http://www.securityfocus.com/bid/17951 | |
http://www.osvdb.org/25597 | |
http://www.vupen.com/english/advisories/2006/1779 | Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/26412 |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Information
Published : 2006-03-31 03:06
Updated : 2017-07-19 18:30
NVD link : CVE-2006-1552
Mitre link : CVE-2006-1552
JSON object : View
CWE
CWE-189
Numeric Errors
Products Affected
apple
- mac_os_x
- mac_os_x_server
- safari
- imageio