5 matches found
VUPEN Security Research - Apple iTunes ColorSync Profile Integer Overflow Vulnerability
VUPEN Security Research - Apple iTunes ColorSync Profile Integer Overflow Vulnerability http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "iTunes is a free application for Mac or PC. It organizes and plays digital music and video on computers. It syncs all media files...
iTunes < 9.1 Multiple Vulnerabilities
Binary data 5491.prm...
CVE-2010-0040
Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, and iTunes before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service application crash via an image with a crafted color profile that triggers a heap-based buffer overflow...
iDefense Security Advisory 03.11.10: Multiple Vendor WebKit HTML Element Use After Free Vulnerability
iDefense Security Advisory 03.11.10 http://labs.idefense.com/intelligence/vulnerabilities/ Mar 11, 2010 I. BACKGROUND WebKit is an open source web browser engine. It is currently used by Apple Inc.'s Safari browser, as well as by Google's Chrome browser. For more information, see the vendor's sit...
CVE-2010-0040
CVE-2010-0040 arises from an integer overflow in ColorSync when processing images with an embedded color profile, causing a heap-based buffer overflow. Affected products include Apple Safari on Windows (pre-4.0.5) and iTunes before 9.1. Impact: remote code execution or an application crash. The i...