Multiple heap-based buffer overflows in Mac OS X 10.4.6 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) PredictorVSetField function for TIFF or (2) CFAllocatorAllocate function for GIF, as used in applications that use ImageIO or AppKit. NOTE: the BMP vector has been re-assigned to CVE-2006-2238 because it affects a separate product family.
2006-04-21T22:02:00.000
2025-04-03T01:03:51.193
Deferred
CVSSv2: 6.4 (MEDIUM)
AV:N/AC:L/Au:N/C:N/I:P/A:P
10.0
4.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | apple | mac_os_x | 10.3 | Yes |
| Operating System | apple | mac_os_x | 10.3.1 | Yes |
| Operating System | apple | mac_os_x | 10.3.2 | Yes |
| Operating System | apple | mac_os_x | 10.3.3 | Yes |
| Operating System | apple | mac_os_x | 10.3.4 | Yes |
| Operating System | apple | mac_os_x | 10.3.5 | Yes |
| Operating System | apple | mac_os_x | 10.3.6 | Yes |
| Operating System | apple | mac_os_x | 10.3.7 | Yes |
| Operating System | apple | mac_os_x | 10.3.8 | Yes |
| Operating System | apple | mac_os_x | 10.3.9 | Yes |
| Operating System | apple | mac_os_x | 10.4 | Yes |
| Operating System | apple | mac_os_x | 10.4.1 | Yes |
| Operating System | apple | mac_os_x | 10.4.2 | Yes |
| Operating System | apple | mac_os_x | 10.4.3 | Yes |
| Operating System | apple | mac_os_x | 10.4.4 | Yes |
| Operating System | apple | mac_os_x | 10.4.5 | Yes |
| Operating System | apple | mac_os_x | 10.4.6 | Yes |
| Operating System | apple | mac_os_x_server | 10.3 | Yes |
| Operating System | apple | mac_os_x_server | 10.3.1 | Yes |
| Operating System | apple | mac_os_x_server | 10.3.2 | Yes |
| Operating System | apple | mac_os_x_server | 10.3.3 | Yes |
| Operating System | apple | mac_os_x_server | 10.3.4 | Yes |
| Operating System | apple | mac_os_x_server | 10.3.5 | Yes |
| Operating System | apple | mac_os_x_server | 10.3.6 | Yes |
| Operating System | apple | mac_os_x_server | 10.3.7 | Yes |
| Operating System | apple | mac_os_x_server | 10.3.8 | Yes |
| Operating System | apple | mac_os_x_server | 10.3.9 | Yes |
| Operating System | apple | mac_os_x_server | 10.4 | Yes |
| Operating System | apple | mac_os_x_server | 10.4.1 | Yes |
| Operating System | apple | mac_os_x_server | 10.4.2 | Yes |
| Operating System | apple | mac_os_x_server | 10.4.3 | Yes |
| Operating System | apple | mac_os_x_server | 10.4.4 | Yes |
| Operating System | apple | mac_os_x_server | 10.4.5 | Yes |
| Operating System | apple | mac_os_x_server | 10.4.6 | Yes |