Computer Security
[EN] securityvulns.ru no-pyccku


Apple QuickDraw libraries memory corruption
Published:24.01.2007
Source:
SecurityVulns ID:7102
Type:library
Threat Level:
6/10
Description:Memory corruption on maleformed PICT image ARGB record.
Affected:APPLE : Mac OS X 10.4
CVE:CVE-2007-0588 (The InternalUnpackBits function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT file that triggers memory corruption in the _GetSrcBits32ARGB function. NOTE: this issue might overlap CVE-2007-0462.)
 CVE-2007-0462 (The _GetSrcBits32ARGB function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT image with a malformed Alpha RGB (ARGB) record, which triggers memory corruption.)
Original documentdocumentMOAB, MOAB-23-01-2007: Apple QuickDraw GetSrcBits32ARGB() Memory Corruption Vulnerability (24.01.2007)
Files:Exploits Apple QuickDraw GetSrcBits32ARGB() Memory Corruption Vulnerability

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod