Integer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5.8, and Safari before 4.0.4 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ColorSync profile embedded in an image, leading to a heap-based buffer overflow.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Mac_os_x | Apple | 10.4.11 (including) | 10.4.11 (including) |
Mac_os_x | Apple | 10.5.8 (including) | 10.5.8 (including) |
Mac_os_x_server | Apple | 10.4.11 (including) | 10.4.11 (including) |
Mac_os_x_server | Apple | 10.5.8 (including) | 10.5.8 (including) |