CVE-2006-2277 | Vulnerability Database | Aqua Security

Multiple Apple Mac OS X 10.4 applications might allow context-dependent attackers to cause a denial of service (application crash) via a crafted OpenEXR (.exr) image file, which triggers the crash when opening a folder using Finder, displaying the image in Safari, or using Preview to open the file.

Affected Software

Name	Vendor	Start Version	End Version
Mac_os_x	Apple	10.4 (including)	10.4 (including)
Mac_os_x	Apple	10.4.1 (including)	10.4.1 (including)
Mac_os_x	Apple	10.4.2 (including)	10.4.2 (including)
Mac_os_x	Apple	10.4.3 (including)	10.4.3 (including)
Mac_os_x	Apple	10.4.4 (including)	10.4.4 (including)
Mac_os_x	Apple	10.4.5 (including)	10.4.5 (including)
Mac_os_x	Apple	10.4.6 (including)	10.4.6 (including)

References

http://www.osvdb.org/27780
http://www.securityfocus.com/archive/1/432587/100/0/threaded
http://www.securityfocus.com/bid/17768
https://github.com/openexr/openexr/issues/564
http://www.osvdb.org/27780
http://www.securityfocus.com/archive/1/432587/100/0/threaded
http://www.securityfocus.com/bid/17768
https://github.com/openexr/openexr/issues/564

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-2277
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html