Lucene search

[email protected]CVE-2007-1071

HistoryFeb 22, 2007 - 10:28 p.m.

CVE-2007-1071

2007-02-2222:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-1071

integer overflow

imageio

apple mac os x

denial of service

segmentation fault

arbitrary code

7.5 High

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.595 Medium

EPSS

Percentile

97.7%

JSON

Integer overflow in the gifGetBandProc function in ImageIO in Apple Mac OS X 10.4.8 allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image that triggers the overflow during decompression. NOTE: this is a different issue than CVE-2006-3502 and CVE-2006-3503.

CPENameOperatorVersion
apple:mac_os_x_serverapple mac os x servereq10.4.8
apple:mac_os_xapple mac os xeq10.4.8

CPE	Name	Operator	Version
apple:mac_os_x_server	apple mac os x server	eq	10.4.8
apple:mac_os_x	apple mac os x	eq	10.4.8

References

docs.info.apple.com/article.html?artnum=305214

lists.apple.com/archives/security-announce/2007/Mar/msg00002.html

secunia.com/advisories/24479

security-protocols.com/sp-x39-advisory.php

www.kb.cert.org/vuls/id/559444

www.osvdb.org/34854

www.securityfocus.com/bid/22630

www.securitytracker.com/id?1017758

www.us-cert.gov/cas/techalerts/TA07-072A.html

www.vupen.com/english/advisories/2007/0930

7.5 High

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.595 Medium

EPSS

Percentile

97.7%

JSON

Related for CVE-2007-1071

prion1 checkpoint_advisories2 cert3 securityvulns1 cve2 seebug1 nessus2