2009-09-14 18:30:00 2017-08-17 03:30:54

Integer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5.8, and Safari before 4.0.4 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ColorSync profile embedded in an image, leading to a heap-based buffer overflow.

Vector: NETWORK
Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL

Apple Safari 2.0.3 417.8
Apple Safari 2.0.3 417.9.3
Apple Safari 1.0.1
Apple Safari 3.1.1
Apple Safari 2.0.1
Apple Safari 1.0.0
Apple Safari 3.1.0
Apple Safari 2.0.3 417.9
Apple Safari 2.0.3 417.9.2
Apple Safari 2.0.0
Apple Safari 1.2.0
Apple Safari 1.0.2
Apple Safari 4 Beta
Apple Safari 1.0.0b1
Apple Safari 4.0.3
Apple Safari 1.0.0b2
Apple Safari 4.0.0b
Apple Safari 4.0
Apple Safari 2.0
Apple Safari 4.0.2
Apple Safari 4.0.1
Apple Safari 3.0.1b
Apple Safari 0.9 (not an official CPE)
Apple Safari 3.0.4 beta (not an official CPE)
Apple Safari 2.0.3 417.9.3 (not an official CPE)
Apple Safari 3.0.4b
Apple Safari 0.8 (not an official CPE)
Apple Safari 3.0.0b
Apple Safari 3.0.0
Apple Safari 1.3.2
Apple Safari 1.3.1
Apple Safari 2.0.4 419.3 (not an official CPE)
Apple Safari 1.3.0
Apple Safari 3.2.1
Apple Safari 3.0.3
Apple Safari 2.0 pre (not an official CPE)
Apple Safari 1.1.0
Apple Safari 3.2.0
Apple Safari 3.0.2
Apple Safari 3.0.1
Apple Safari 1.1.1
Apple Safari 1.0 Beta2
Apple Safari 1.0 Beta
Apple Safari 3.2.3 (not an official CPE)
Apple Safari 3.2.2
Apple Safari 3.0.4
Apple Safari 3.1.0b
Apple Safari 3.0
Apple Safari 1.3
Apple Safari 3.1 (not an official CPE)
Apple Safari 1.2
Apple Safari 3
Apple Safari 1.0
Apple Safari 3.0.3b
Apple Safari 3.2 (not an official CPE)
Apple Safari 2
Apple Safari 3.1.2
Apple Safari 3.0.2b
Apple Safari 3.0.1 Beta
Apple Safari 1.2.4
Apple Safari 1.2.5
Apple Safari 1.0.3
Apple Safari 1.2.1
Apple Safari 1.2.2
Apple Safari 1.2.3
Apple Safari 2.0.3
Apple Safari 2.0.4
Apple Safari 2.0.2