Lucene search
K

1249 matches found

OSV
OSV
added 2011/03/03 8:0 p.m.8 views

CVE-2011-0191

Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted TIFF image with JPEG encoding...

9.4AI score
Exploits0References19
OSV
OSV
added 2011/03/03 8:0 p.m.1 views

DEBIAN-CVE-2011-0191

Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted TIFF image with JPEG encoding...

9.3CVSS6.4AI score0.06722EPSS
Exploits0References1
Prion
Prion
added 2011/03/03 8:0 p.m.13 views

Heap overflow

Heap-based buffer overflow in ImageIO in CoreGraphics in Apple iTunes before 10.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted International Color Consortium ICC profile in a JPEG image...

9.3CVSS8.4AI score0.04756EPSS
Exploits0References8Affected Software1
Prion
Prion
added 2011/03/03 8:0 p.m.32 views

Buffer overflow

Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted TIFF Internet Fax image file tha...

9.3CVSS8.4AI score0.07474EPSS
Exploits0References43Affected Software1
Cvelist
Cvelist
added 2011/03/03 7:0 p.m.18 views

CVE-2011-0170

Heap-based buffer overflow in ImageIO in CoreGraphics in Apple iTunes before 10.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted International Color Consortium ICC profile in a JPEG image...

7.6AI score0.04756EPSS
Exploits0References8
CVE
CVE
added 2011/03/03 7:0 p.m.61 views

CVE-2011-0170

CVE-2011-0170 : The vulnerability is an ImageIO/CoreGraphics heap buffer overflow in Apple’s iTunes stack (Mac OS X component) triggered by a crafted ICC profile in a JPEG image. Public docs in connected sources confirm ImageIO-related heap overflow issues affecting Mac OS X components (Apple iTu...

9.3CVSS7.4AI score0.04756EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2011/03/03 7:0 p.m.22 views

CVE-2011-0191

Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted TIFF image with JPEG encoding...

7.6AI score0.06722EPSS
Exploits0References18
CVE
CVE
added 2011/03/03 7:0 p.m.95 views

CVE-2011-0191

CVE-2011-0191 is a buffer overflow in LibTIFF 3.9.4 (and possibly other versions) exploited via a crafted TIFF image with JPEG encoding, affecting ImageIO in Apple iTunes before 10.2 and related products, potentially enabling remote code execution or a denial of service. Connected advisories (SUS...

9.3CVSS7.5AI score0.06722EPSS
Exploits0References18Affected Software1
Debian CVE
Debian CVE
added 2011/03/03 7:0 p.m.21 views

CVE-2011-0192

Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted TIFF Internet Fax image file tha...

9.3CVSS6.4AI score0.07474EPSS
Exploits0
ThreatPost
ThreatPost
added 2011/03/03 6:54 p.m.7 views

Apple Fixes Nearly 60 Bugs With iTunes 10.2 Release

Apple has released a new version of its ubiquitous iTunes software that includes fixes for nearly 60 vulnerabilities, including several bugs that could be used to run remote code on vulnerable machines. Most of the vulnerabilities that Apple fixed with the release of iTunes 10.2 lie in the open...

1.1AI score
Exploits0References2
CISA
CISA
added 2011/03/03 12:0 a.m.12 views

Apple Releases iTunes 10.2

Apple has released iTunes 10.2 to address multiple vulnerabilities affecting the ImageIO, libxml, and WebKit packages. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and administrators to revie...

7.9AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2011/03/03 12:0 a.m.39 views

Apple iTunes < 10.2 Multiple Vulnerabilities (credentialed check)

The version of Apple iTunes installed on the remote Windows host is older than 10.2. As such, it is affected by numerous issues in the following components : - ImageIO - libxml - WebKit C Tenable Network Security, Inc. include"compat.inc"; if description scriptid52534; scriptversion"1.21";...

9.8CVSS7.3AI score0.43382EPSS
Exploits11References59
securityvulns
securityvulns
added 2011/03/03 12:0 a.m.194 views

About the security content of iTunes 10.2

About the security content of iTunes 10.2 Last Modified: March 02, 2011 Article: HT4554 Email this article Print this page Summary This document describes the security content of iTunes 10.2. For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a...

10CVSS0.2AI score0.43382EPSS
Exploits11
UbuntuCve
UbuntuCve
added 2011/03/02 12:0 a.m.38 views

CVE-2011-0192

Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted TIFF Internet Fax image file tha...

9.3CVSS7AI score0.07474EPSS
Exploits0References2
securityvulns
securityvulns
added 2010/11/23 12:0 a.m.43 views

NGS00015 Patch Notification: ImageIO Memory Corruption

ImageIO Memory Corruption - CVE-2010-1845 22/11/2010 Dominic Chell of NGS Secure has discovered a high risk memory corruption vulnerability affecting the ImageIO rendering framework. Viewing a maliciously crafted PSD image may lead to an unexpected application termination or arbitrary code...

6.8CVSS9.7AI score0.02895EPSS
Exploits0
NVD
NVD
added 2010/11/16 10:0 p.m.20 views

CVE-2010-1845

ImageIO in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted PSD image...

6.8CVSS7.6AI score0.02895EPSS
Exploits0References4
Prion
Prion
added 2010/11/16 10:0 p.m.15 views

Memory corruption

ImageIO in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted PSD image...

6.8CVSS8.1AI score0.02895EPSS
Exploits0References4Affected Software2
CVE
CVE
added 2010/11/16 9:0 p.m.59 views

CVE-2010-1845

CVE-2010-1845 affects ImageIO in Mac OS X 10.5.8 and 10.6.x up to 10.6.4; a crafted PSD image can cause memory corruption, leading to arbitrary code execution or application crash. Public data from NVD and Vulners DOC confirms the issue: ImageIO’s PSD handling is the vulnerable component, with im...

6.8CVSS9.3AI score0.02895EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2010/11/11 12:0 a.m.53 views

Mac OS X 10.6 < 10.6.5 Multiple Vulnerabilities

Versions of Mac OS X 10.6 earlier than 10.6.5 are potentially affected by multiple vulnerabilities. Mac OS X 10.6.5 contains security fixes for the following products : - AFP Server - Apache modperl - Apache - AppKit - ATS - CFNetwork - CoreGraphics - CoreText - CUPS - Directory Services -...

10CVSS2AI score0.94248EPSS
Exploits109References131
RedHat Linux
RedHat Linux
added 2010/11/10 7:0 p.m.5 views

OpenJDK JPEG writeImage remote code execution (6963023)

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.227 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU...

10CVSS5.9AI score0.05616EPSS
Exploits0References4
Rows per page
Query Builder