Format String Vulnerability in iPhoto Affects Apple
CVE-2007-0645

Currently unrated

Key Information:

Vendor: Apple
Status: Iphoto
Vendor: CVE Published:; 1 February 2007

What is CVE-2007-0645?

The format string vulnerability identified in iPhoto 6.0.5 can be exploited by remote user-assisted attackers. By manipulating format string specifiers in filenames, the attackers may cause the application to crash, resulting in a denial of service. This issue arises from improper handling when certain functions in Apple’s AppKit framework are called, highlighting the need for updates and patches to safeguard against potential exploits.

References

http://projects.info-pull.com/moab/MOAB-30-01-2007.html

x_refsource_MISC

http://www.securityfocus.com/bid/22326

vdb-entryx_refsource_BID

http://www.osvdb.org/32711

vdb-entryx_refsource_OSVDB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 1, 2007
Vulnerability Reserved
Jan 31, 2007