CVE-2006-3356Apple MAC OS X vulnerability

2 documents2 sources
Severity
2.6LOWNVD
EPSS
0.7%
top 27.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MAC OS XApple MAC OS X Server
Timeline
PublishedJul 6
Latest updateMay 1

Description

The TIFFFetchAnyArray function in ImageIO in Apple OS X 10.4.7 and earlier allows remote user-assisted attackers to cause a denial of service (application crash) via an invalid tag value in a TIFF image, possibly triggering a null dereference. NOTE: This is a different issue than CVE-2006-1469.

CVSS vector

AV:N/AC:H/C:N/I:N/A:PExploitability: 4.9 | Impact: 2.9

Affected Packages2 packages

NVDapple/mac_os_x10.4.7

🔴Vulnerability Details

1
GHSA
GHSA-rv4w-xqjc-ghjp: The TIFFFetchAnyArray function in ImageIO in Apple OS X 102022-05-01