CVE-2007-0051

Currently unrated

Key Information:

Vendor: Apple
Status: Iphoto
Vendor: CVE Published:; 4 January 2007

Summary

Format string vulnerability in Apple iPhoto 6.0.5 (316), and other versions before 6.0.6, allows remote user-assisted attackers to execute arbitrary code via a crafted photocast with format string specifiers in the title of an RSS iPhoto feed.

References

http://secunia.com/advisories/23615

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/archive/1/455968/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/21871

vdb-entryx_refsource_BID

EPSS Score

88% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 4, 2007
Vulnerability Reserved
Jan 4, 2007