Stack-based Buffer Overflow in Apple Mac OS X and Digital Camera RAW Compatibility
CVE-2008-0987

Currently unrated

Key Information:

Vendor: Apple
Status: Aperture; Iphoto
Vendor: CVE Published:; 18 March 2008

What is CVE-2008-0987?

A stack-based buffer overflow exists in the Image Raw component of Apple Mac OS X 10.5.2 and earlier versions of Digital Camera RAW Compatibility. This vulnerability can be exploited by remote attackers through specially crafted Adobe Digital Negative (DNG) images, potentially allowing the execution of arbitrary code on affected systems. Users are recommended to update their software to mitigate these security risks.

References

http://www.securityfocus.com/bid/28304

vdb-entryx_refsource_BID

http://www.vupen.com/english/advisories/2008/0957/references

vdb-entryx_refsource_VUPEN

http://www.us-cert.gov/cas/techalerts/TA08-079A.html

third-party-advisoryx_refsource_CERT

EPSS Score

27% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 18, 2008
Vulnerability Reserved
Feb 26, 2008