2 matches found
ILife Photocast XML Title Format String Code Execution - Ver2 (CVE-2007-0051)
A code execution vulnerability has been reported in Apple iPhoto. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2007-0051
The CVE affects Apple iPhoto up to version 6.0.5 (and older than 6.0.6). A format-string vulnerability in the title of an iPhoto photocast RSS feed enables remote code execution. Underlying cause: crafted input with format specifiers is processed by iPhoto, leading to arbitrary code execution. Im...