CVE-2006-1983

high

Description

Multiple heap-based buffer overflows in Mac OS X 10.4.6 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) PredictorVSetField function for TIFF or (2) CFAllocatorAllocate function for GIF, as used in applications that use ImageIO or AppKit. NOTE: the BMP vector has been re-assigned to CVE-2006-2238 because it affects a separate product family.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/25951

https://exchange.xforce.ibmcloud.com/vulnerabilities/25949

http://www.vupen.com/english/advisories/2006/1779

http://www.vupen.com/english/advisories/2006/1452

http://www.us-cert.gov/cas/techalerts/TA06-132A.html

http://www.securityfocus.com/bid/17951

http://www.security-protocols.com/sp-x30-advisory.php

http://www.security-protocols.com/sp-x28-advisory.php

http://www.osvdb.org/24822

http://www.osvdb.org/24821

http://securitytracker.com/id?1016067

http://secunia.com/advisories/20077

http://secunia.com/advisories/19686

http://lists.apple.com/archives/security-announce/2006/May/msg00003.html

Details

Source: Mitre, NVD

Published: 2006-04-21

Updated: 2017-07-20

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High