CVE Reference: CVE-2006-1983

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2006-1983

Description:
Multiple heap-based buffer overflows in Mac OS X 10.4.6 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) PredictorVSetField function for TIFF or (2) CFAllocatorAllocate function for GIF, as used in applications that use ImageIO or AppKit. NOTE: the BMP vector has been re-assigned to CVE-2006-2238 because it affects a separate product family.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/25949
  http://xforce.iss.net/xforce/xfdb/25951

ST
  1016067

SAID
  Secunia Advisory: SA19686
  Secunia Advisory: SA20077

OSVDB
  24821
  24822

MISC
  http://www.security-protocols.com/modules.php?name=News&file=article&sid=3233
  http://www.security-protocols.com/sp-x30-advisory.php
  http://www.security-protocols.com/sp-x28-advisory.php

CERT
  http://www.us-cert.gov/cas/techalerts/TA06-132A.html

BID
  17634
  17951

APPLE
  http://lists.apple.com/archives/security-announce/2006/May/msg00003.html


Return to the previous page.