Lucene search

K
exploitdbLMHEDB-ID:29554
HistoryJan 30, 2007 - 12:00 a.m.

Apple Mac OSX 10.4.x - iPhoto 'photo://' URL Handling Format String

2007-01-3000:00:00
LMH
www.exploit-db.com
8

7.4 High

AI Score

Confidence

Low

0 Low

EPSS

Percentile

0.0%

source: https://www.securityfocus.com/bid/22326/info
  
Multiple products for Mac OS X are prone to multiple remote format-string vulnerabilities. The affected applications include Help Viewer, Safari, iPhoto, and iMovie.
  
Exploiting these issues can allow attacker-supplied data to be written to arbitrary memory locations, which can facilitate the execution of arbitrary machine code with the privileges of a targeted application. Failed exploit attempts will likely crash the application.
  
Help Viewer 3.0.0, Safari 2.0.4, iMovie HD 6.0.3, and iPhoto 6.0.5 are reported affected; other versions may be vulnerable as well.
  
open 'photo://%25n%25n%25n%25n%25n%25n'

7.4 High

AI Score

Confidence

Low

0 Low

EPSS

Percentile

0.0%