Multiple heap-based buffer overflows in Mac OS X 10.4.6 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) PredictorVSetField function for TIFF or (2) CFAllocatorAllocate function for GIF, as used in applications that use ImageIO or AppKit. NOTE: the BMP vector has been re-assigned to CVE-2006-2238 because it affects a separate product family.
References
Link | Resource |
---|---|
http://www.security-protocols.com/sp-x28-advisory.php | Vendor Advisory |
http://www.security-protocols.com/sp-x30-advisory.php | Vendor Advisory |
http://www.security-protocols.com/modules.php?name=News&file=article&sid=3233 | Exploit |
http://www.securityfocus.com/bid/17634 | Exploit |
http://secunia.com/advisories/19686 | Vendor Advisory |
http://www.osvdb.org/24821 | |
http://www.osvdb.org/24822 | |
http://lists.apple.com/archives/security-announce/2006/May/msg00003.html | Patch |
http://www.us-cert.gov/cas/techalerts/TA06-132A.html | Patch Third Party Advisory US Government Resource |
http://securitytracker.com/id?1016067 | Patch |
http://secunia.com/advisories/20077 | Patch Vendor Advisory |
http://www.securityfocus.com/bid/17951 | |
http://www.vupen.com/english/advisories/2006/1779 | Vendor Advisory |
http://www.vupen.com/english/advisories/2006/1452 | Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/25951 | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/25949 |
Configurations
Configuration 1 (hide)
|
Information
Published : 2006-04-21 15:02
Updated : 2017-07-19 18:31
NVD link : CVE-2006-1983
Mitre link : CVE-2006-1983
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
apple
- mac_os_x
- mac_os_x_server