Description
Integer overflow in ImageIO in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XBM image.
Affected products
- Apple / imageio
- Apple / mac_os_x10.5.8 – 10.5.8
- Apple / mac_os_x10.6.0 – 10.6.0
- Apple / mac_os_x10.6.1 – 10.6.1
- Apple / mac_os_x10.6.2 – 10.6.2
- Apple / mac_os_x10.6.3 – 10.6.3
- Apple / mac_os_x10.6.4 – 10.6.4
- Apple / mac_os_x10.6.5 – 10.6.5
- Apple / mac_os_x10.6.6
- Apple / mac_os_x_server10.6.6
- Apple / mac_os_x_server10.5.8 – 10.5.8
- Apple / mac_os_x_server10.6.0 – 10.6.0
- Apple / mac_os_x_server10.6.1 – 10.6.1
- Apple / mac_os_x_server10.6.2 – 10.6.2
- Apple / mac_os_x_server10.6.3 – 10.6.3
- Apple / mac_os_x_server10.6.4 – 10.6.4
- Apple / mac_os_x_server10.6.5 – 10.6.5
References
- MAILING_LISThttp://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
- VENDOR_ADVISORYhttp://support.apple.com/kb/HT4581