CVE-2006-1552 | Vulnerability Database | Aqua Security

Integer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to cause a denial of service (crash) via a crafted JPEG image with malformed JPEG metadata, as demonstrated using Safari, aka Deja-Doom.

Affected Software

Name	Vendor	Start Version	End Version
Safari	Apple	1.0 (including)	1.0 (including)
Safari	Apple	1.1 (including)	1.1 (including)
Safari	Apple	1.2 (including)	1.2 (including)
Safari	Apple	1.2.1 (including)	1.2.1 (including)
Safari	Apple	1.2.2 (including)	1.2.2 (including)
Safari	Apple	1.2.3 (including)	1.2.3 (including)
Safari	Apple	1.3 (including)	1.3 (including)
Safari	Apple	2.0 (including)	2.0 (including)
Safari	Apple	2.0.1 (including)	2.0.1 (including)
Safari	Apple	2.0.2 (including)	2.0.2 (including)
Safari	Apple	2.0_pre (including)	2.0_pre (including)
Safari	Apple	beta2 (including)	beta2 (including)

References

http://drunkenblog.com/drunkenblog-archives/000760.html
http://lists.apple.com/archives/security-announce/2006/May/msg00003.html
http://secunia.com/advisories/20077
http://www.osvdb.org/25597
http://www.securityfocus.com/bid/17321
http://www.securityfocus.com/bid/17951
http://www.us-cert.gov/cas/techalerts/TA06-132A.html
http://www.vupen.com/english/advisories/2006/1779
https://exchange.xforce.ibmcloud.com/vulnerabilities/26412
http://drunkenblog.com/drunkenblog-archives/000760.html
http://lists.apple.com/archives/security-announce/2006/May/msg00003.html
http://secunia.com/advisories/20077
http://www.osvdb.org/25597
http://www.securityfocus.com/bid/17321
http://www.securityfocus.com/bid/17951
http://www.us-cert.gov/cas/techalerts/TA06-132A.html
http://www.vupen.com/english/advisories/2006/1779
https://exchange.xforce.ibmcloud.com/vulnerabilities/26412

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-1552
CWE	https://cwe.mitre.org/data/definitions/189.html