CVE-2006-1983 Information

Description

Multiple heap-based buffer overflows in Mac OS X 10.4.6 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) PredictorVSetField function for TIFF or (2) CFAllocatorAllocate function for GIF as used in applications that use ImageIO or AppKit. NOTE: the BMP vector has been re-assigned to CVE-2006-2238 because it affects a separate product family.

Reference

http://lists.apple.com/archives/security-announce/2006/May/msg00003.html
http://secunia.com/advisories/19686
http://secunia.com/advisories/20077
http://securitytracker.com/id?1016067
http://www.osvdb.org/24821
http://www.osvdb.org/24822
http://www.securityfocus.com/bid/17634
http://www.securityfocus.com/bid/17951
http://www.security-protocols.com/modules.php?name=News&file=article&sid=3233
http://www.security-protocols.com/sp-x28-advisory.php
http://www.security-protocols.com/sp-x30-advisory.php
http://www.us-cert.gov/cas/techalerts/TA06-132A.html
http://www.vupen.com/english/advisories/2006/1452
http://www.vupen.com/english/advisories/2006/1779
https://exchange.xforce.ibmcloud.com/vulnerabilities/25949
https://exchange.xforce.ibmcloud.com/vulnerabilities/25951
