CVE-2008-3623 Information
Description
Heap-based buffer overflow in CoreGraphics in Apple Safari before 3.2 on Windows in iPhone OS 1.0 through 2.2.1 and in iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image related to improper handling of color spaces.
Reference
http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html http://secunia.com/advisories/32706 http://secunia.com/advisories/33179 http://support.apple.com/kb/HT3298 http://support.apple.com/kb/HT3338 http://support.apple.com/kb/HT3639 http://www.securityfocus.com/bid/32291 http://www.securitytracker.com/id?1021225 http://www.us-cert.gov/cas/techalerts/TA08-350A.html http://www.vupen.com/english/advisories/2008/3444 http://www.vupen.com/english/advisories/2009/1621
Share on: