CVE-2011-0205

Description

Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG2000 image.

Affected products

• Apple / imageio
• Apple / mac_os_x10.5.8 – 10.5.8
• Apple / mac_os_x10.6.0 – 10.6.0
• Apple / mac_os_x10.6.1 – 10.6.1
• Apple / mac_os_x10.6.2 – 10.6.2
• Apple / mac_os_x10.6.3 – 10.6.3
• Apple / mac_os_x10.6.4 – 10.6.4
• Apple / mac_os_x10.6.5 – 10.6.5
• Apple / mac_os_x10.6.6 – 10.6.6
• Apple / mac_os_x10.6.7 – 10.6.7
• Apple / mac_os_x_server10.5.8 – 10.5.8
• Apple / mac_os_x_server10.6.0 – 10.6.0
• Apple / mac_os_x_server10.6.1 – 10.6.1
• Apple / mac_os_x_server10.6.2 – 10.6.2
• Apple / mac_os_x_server10.6.3 – 10.6.3
• Apple / mac_os_x_server10.6.4 – 10.6.4
• Apple / mac_os_x_server10.6.5 – 10.6.5
• Apple / mac_os_x_server10.6.6 – 10.6.6
• Apple / mac_os_x_server10.6.7 – 10.6.7

References

• VENDOR_ADVISORYhttp://support.apple.com/kb/HT4723
• MAILING_LISThttp://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html
• MISChttp://www.securityfocus.com/bid/48439