CVE-2005-1330 — Improper Input Validation in Apple MAC OS X

CWE-20 — Improper Input Validation2 documents2 sources

Severity

4.9MEDIUMNVD

EPSS

0.1%

top 82.41%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X Apple MAC OS X Server

Timeline

PublishedMay 4

Latest updateMay 1

Description

AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) via a malformed TIFF image that causes the NXSeek to use an incorrect offset, leading to an unhandled exception.

CVSS vector

AV:L/AC:L/C:N/I:N/A:CExploitability: 3.9 | Impact: 6.9

Affected Packages2 packages

▶NVDapple/mac_os_x10.3.9

▶NVDapple/mac_os_x_server10.3.9

🔴Vulnerability Details

GHSA

GHSA-86fv-8hq6-mg5f: AppKit in Mac OS X 10↗2022-05-01

▶