Lucene search

[email protected]CVE-2006-1983

HistoryApr 21, 2006 - 10:02 p.m.

CVE-2006-1983

2006-04-2122:02:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2006-1983

mac os x

buffer overflow

denial of service

arbitrary code

imageio

appkit

8.2 High

AI Score

Confidence

High

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.108 Low

EPSS

Percentile

95.0%

JSON

Multiple heap-based buffer overflows in Mac OS X 10.4.6 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) PredictorVSetField function for TIFF or (2) CFAllocatorAllocate function for GIF, as used in applications that use ImageIO or AppKit. NOTE: the BMP vector has been re-assigned to CVE-2006-2238 because it affects a separate product family.

CPENameOperatorVersion
apple:mac_os_xapple mac os xeq10.4.3
apple:mac_os_x_serverapple mac os x servereq10.4.3
apple:mac_os_x_serverapple mac os x servereq10.3.2
apple:mac_os_x_serverapple mac os x servereq10.3.7
apple:mac_os_x_serverapple mac os x servereq10.3.5
apple:mac_os_xapple mac os xeq10.3.1
apple:mac_os_xapple mac os xeq10.3.5
apple:mac_os_xapple mac os xeq10.4.1
apple:mac_os_x_serverapple mac os x servereq10.4.2
apple:mac_os_x_serverapple mac os x servereq10.3.3

CPE	Name	Operator	Version
apple:mac_os_x	apple mac os x	eq	10.4.3
apple:mac_os_x_server	apple mac os x server	eq	10.4.3
apple:mac_os_x_server	apple mac os x server	eq	10.3.2
apple:mac_os_x_server	apple mac os x server	eq	10.3.7
apple:mac_os_x_server	apple mac os x server	eq	10.3.5
apple:mac_os_x	apple mac os x	eq	10.3.1
apple:mac_os_x	apple mac os x	eq	10.3.5
apple:mac_os_x	apple mac os x	eq	10.4.1
apple:mac_os_x_server	apple mac os x server	eq	10.4.2
apple:mac_os_x_server	apple mac os x server	eq	10.3.3

Rows per page:

1-10 of 341

References

lists.apple.com/archives/security-announce/2006/May/msg00003.html

secunia.com/advisories/19686

secunia.com/advisories/20077

securitytracker.com/id?1016067

www.osvdb.org/24821

www.osvdb.org/24822

www.security-protocols.com/modules.php?name=News&file=article&sid=3233

www.security-protocols.com/sp-x28-advisory.php

www.security-protocols.com/sp-x30-advisory.php

www.securityfocus.com/bid/17634

www.securityfocus.com/bid/17951

www.us-cert.gov/cas/techalerts/TA06-132A.html

www.vupen.com/english/advisories/2006/1452

www.vupen.com/english/advisories/2006/1779

exchange.xforce.ibmcloud.com/vulnerabilities/25949

exchange.xforce.ibmcloud.com/vulnerabilities/25951

8.2 High

AI Score

Confidence

High

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.108 Low

EPSS

Percentile

95.0%

JSON

Related for CVE-2006-1983

prion2 cve1 checkpoint_advisories1 nessus3