Computer Security
[EN] securityvulns.ru no-pyccku


Apple multiple applications format string vulnerabilities
Published:01.02.2007
Source:
SecurityVulns ID:7141
Type:client
Threat Level:
7/10
Description:Format string vulnerabilities in multiple client applications.
Affected:APPLE : Mac OS X 10.4
 APPLE : Safari 2.0
 APPLE : Help Viewer 3.0
 APPLE : iMovie HD 6.0
 APPLE : iPhoto 6.0
CVE:CVE-2007-0647 (Format string vulnerability in Help Viewer 3.0.0 allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling the NSBeginAlertSheet Apple AppKit function.)
 CVE-2007-0646 (Format string vulnerability in iMovie HD 6.0.3 allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling the NSRunCriticalAlertPanel Apple AppKit function.)
 CVE-2007-0645 (Format string vulnerability in iPhoto 6.0.5 allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling certain Apple AppKit functions.)
 CVE-2007-0644 (Format string vulnerability in Apple Safari 2.0.4 (419.3) allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in filenames that are not properly handled when calling the (1) NSLog and (2) NSBeginAlertSheet Apple AppKit functions.)
Original documentdocumentMOAB, MOAB-30-01-2007: Multiple Apple Software Format String Vulnerabilities (01.02.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod