1249 matches found
CVE-2011-0191
Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted TIFF image with JPEG encoding...
DEBIAN-CVE-2011-0191
Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted TIFF image with JPEG encoding...
Heap overflow
Heap-based buffer overflow in ImageIO in CoreGraphics in Apple iTunes before 10.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted International Color Consortium ICC profile in a JPEG image...
Buffer overflow
Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted TIFF Internet Fax image file tha...
CVE-2011-0170
Heap-based buffer overflow in ImageIO in CoreGraphics in Apple iTunes before 10.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted International Color Consortium ICC profile in a JPEG image...
CVE-2011-0170
CVE-2011-0170 : The vulnerability is an ImageIO/CoreGraphics heap buffer overflow in Apple’s iTunes stack (Mac OS X component) triggered by a crafted ICC profile in a JPEG image. Public docs in connected sources confirm ImageIO-related heap overflow issues affecting Mac OS X components (Apple iTu...
CVE-2011-0191
Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted TIFF image with JPEG encoding...
CVE-2011-0191
CVE-2011-0191 is a buffer overflow in LibTIFF 3.9.4 (and possibly other versions) exploited via a crafted TIFF image with JPEG encoding, affecting ImageIO in Apple iTunes before 10.2 and related products, potentially enabling remote code execution or a denial of service. Connected advisories (SUS...
CVE-2011-0192
Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted TIFF Internet Fax image file tha...
Apple Fixes Nearly 60 Bugs With iTunes 10.2 Release
Apple has released a new version of its ubiquitous iTunes software that includes fixes for nearly 60 vulnerabilities, including several bugs that could be used to run remote code on vulnerable machines. Most of the vulnerabilities that Apple fixed with the release of iTunes 10.2 lie in the open...
Apple Releases iTunes 10.2
Apple has released iTunes 10.2 to address multiple vulnerabilities affecting the ImageIO, libxml, and WebKit packages. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and administrators to revie...
Apple iTunes < 10.2 Multiple Vulnerabilities (credentialed check)
The version of Apple iTunes installed on the remote Windows host is older than 10.2. As such, it is affected by numerous issues in the following components : - ImageIO - libxml - WebKit C Tenable Network Security, Inc. include"compat.inc"; if description scriptid52534; scriptversion"1.21";...
About the security content of iTunes 10.2
About the security content of iTunes 10.2 Last Modified: March 02, 2011 Article: HT4554 Email this article Print this page Summary This document describes the security content of iTunes 10.2. For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a...
CVE-2011-0192
Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted TIFF Internet Fax image file tha...
NGS00015 Patch Notification: ImageIO Memory Corruption
ImageIO Memory Corruption - CVE-2010-1845 22/11/2010 Dominic Chell of NGS Secure has discovered a high risk memory corruption vulnerability affecting the ImageIO rendering framework. Viewing a maliciously crafted PSD image may lead to an unexpected application termination or arbitrary code...
CVE-2010-1845
ImageIO in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted PSD image...
Memory corruption
ImageIO in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted PSD image...
CVE-2010-1845
CVE-2010-1845 affects ImageIO in Mac OS X 10.5.8 and 10.6.x up to 10.6.4; a crafted PSD image can cause memory corruption, leading to arbitrary code execution or application crash. Public data from NVD and Vulners DOC confirms the issue: ImageIO’s PSD handling is the vulnerable component, with im...
Mac OS X 10.6 < 10.6.5 Multiple Vulnerabilities
Versions of Mac OS X 10.6 earlier than 10.6.5 are potentially affected by multiple vulnerabilities. Mac OS X 10.6.5 contains security fixes for the following products : - AFP Server - Apache modperl - Apache - AppKit - ATS - CFNetwork - CoreGraphics - CoreText - CUPS - Directory Services -...
OpenJDK JPEG writeImage remote code execution (6963023)
Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.227 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU...