Информационная безопасность
[RU] switch to English


Ошибки форматной строки во многих продуктах Apple
Опубликовано:1 февраля 2007 г.
Источник:
SecurityVulns ID:7141
Тип:клиент
Уровень опасности:
7/10
Описание:Ошибки форматной строки во многих клиентских приложениях.
Затронутые продукты:APPLE : Mac OS X 10.4
 APPLE : Safari 2.0
 APPLE : Help Viewer 3.0
 APPLE : iMovie HD 6.0
 APPLE : iPhoto 6.0
CVE:CVE-2007-0647 (Format string vulnerability in Help Viewer 3.0.0 allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling the NSBeginAlertSheet Apple AppKit function.)
 CVE-2007-0646 (Format string vulnerability in iMovie HD 6.0.3 allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling the NSRunCriticalAlertPanel Apple AppKit function.)
 CVE-2007-0645 (Format string vulnerability in iPhoto 6.0.5 allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling certain Apple AppKit functions.)
 CVE-2007-0644 (Format string vulnerability in Apple Safari 2.0.4 (419.3) allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in filenames that are not properly handled when calling the (1) NSLog and (2) NSBeginAlertSheet Apple AppKit functions.)
Оригинальный текстdocumentMOAB, MOAB-30-01-2007: Multiple Apple Software Format String Vulnerabilities (01.02.2007)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород