Heap-based Buffer Overflow in Apple Mac OS X Affects ImageIO Component
CVE-2011-0205

Currently unrated

Key Information:

Vendor: Apple
Status: Mac Os X; Imageio
Vendor: CVE Published:; 24 June 2011

Summary

A heap-based buffer overflow vulnerability was identified in the ImageIO framework of Apple Mac OS X prior to version 10.6.8. This flaw allows remote attackers to craft malicious JPEG2000 images that, when processed, can lead to arbitrary code execution or cause the application to crash. Users of affected Mac OS X versions are urged to update their systems to mitigate potential risks associated with this vulnerability.

References

http://support.apple.com/kb/HT4723

x_refsource_CONFIRM

http://lists.apple.com/archives/security-announce/2011//J...

vendor-advisoryx_refsource_APPLE

http://www.securityfocus.com/bid/48439

vdb-entryx_refsource_BID

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 24, 2011
Vulnerability Reserved
Dec 23, 2010