Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11, 10.5.2, and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF file with a long Type 1 font, which triggers a heap-based buffer overflow.
Vector
NETWORK
Complexity
MEDIUM
Authentication
NONE
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE
| Advisory | Patch | Confirmed | Link |
|---|---|---|---|
| macosx-coregraphics-pdf-bo(44128) | |||
| ADV-2008-2268 | |||
| 1020604 | |||
| 30489 | |||
| 30483 | |||
| APPLE-SA-2008-07-31 | |||
| 20080731 Apple Mac OS X CoreGraphics PDF Type1 Font Inte... |