CVE-2006-1983

Sažetak

Multiple heap-based buffer overflows in Mac OS X 10.4.6 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) PredictorVSetField function for TIFF or (2) CFAllocatorAllocate function for GIF, as used in applications that use ImageIO or AppKit. NOTE: the BMP vector has been re-assigned to CVE-2006-2238 because it affects a separate product family.

Reference

http://lists.apple.com/archives/security-announce/2006/May/msg00003.html
http://secunia.com/advisories/19686
http://secunia.com/advisories/20077
http://securitytracker.com/id?1016067
http://www.osvdb.org/24821
http://www.osvdb.org/24822
http://www.securityfocus.com/bid/17634
http://www.securityfocus.com/bid/17951
http://www.security-protocols.com/modules.php?name=News&file=article&sid=3233
http://www.security-protocols.com/sp-x28-advisory.php
http://www.security-protocols.com/sp-x30-advisory.php
http://www.us-cert.gov/cas/techalerts/TA06-132A.html
http://www.vupen.com/english/advisories/2006/1452
http://www.vupen.com/english/advisories/2006/1779
https://exchange.xforce.ibmcloud.com/vulnerabilities/25949
https://exchange.xforce.ibmcloud.com/vulnerabilities/25951

CVSS

Base:	6.4
Impact:	4.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:P/A:P

Zadnje važnije ažuriranje

20-07-2017 - 01:31

Objavljeno

21-04-2006 - 22:02