CVE-2008-2322

Currently unrated

Key Information:

Vendor: Apple
Status: Coregraphics
Vendor: CVE Published:; 4 August 2008

Summary

Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11, 10.5.2, and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF file with a long Type 1 font, which triggers a heap-based buffer overflow.

References

http://lists.apple.com/archives/security-announce//2008/J...

vendor-advisoryx_refsource_APPLE

http://www.securityfocus.com/bid/30489

vdb-entryx_refsource_BID

http://www.vupen.com/english/advisories/2008/2268

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Aug 4, 2008
Vulnerability Reserved
May 18, 2008