CVE-2007-1071 - CVE Reference - Advisories

CVE Reference: CVE-2007-1071

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-1071

Description: Integer overflow in the gifGetBandProc function in ImageIO in Apple Mac OS X 10.4.8 allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image that triggers the overflow during decompression. NOTE: this is a different issue than CVE-2006-3502 and CVE-2006-3503.

CVE Status: Candidate

References: ST 1017758 SAID Secunia Advisory: SA24479 OSVDB 34854 MISC http://security-protocols.com/sp-x39-advisory.php CONFIRM http://docs.info.apple.com/article.html?artnum=305214 CERT-VN 559444 CERT http://www.us-cert.gov/cas/techalerts/TA07-072A.html BID 22630 APPLE http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	OpenOffice "rtl_allocateMe mory()" Truncation Vulnerability

2.	JustSystems Ichitaro Products Unspecified Code Execution Vulnerability

3.	Red Hat update for tomcat

4.	Red Hat Directory Server Denial of Service Vulnerabilities

5.	HP-UX update for Apache

6.	Tiger "genmsgidx" Insecure Temporary Files

7.	Red Hat update for openoffice.org

8.	Ampache "gather-message s.sh" Insecure Temporary Files

9.	Red Hat Directory Server Multiple Vulnerabilities

10.	Honeyd "test.sh" Insecure Temporary Files