CVE-2008-3608Out-of-bounds Write in Apple MAC OS X

CWE-3993 documents3 sources
Severity
9.3CRITICALNVD
EPSS
4.8%
top 10.53%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MAC OS XApple MAC OS X Server
Timeline
PublishedSep 16
Latest updateMay 2

Description

ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted JPEG image with an embedded ICC profile.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDapple/mac_os_x6 versions+5
NVDapple/mac_os_x_server6 versions+5

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-q53r-vgvg-q6pj: ImageIO in Apple Mac OS X 102022-05-02
CVEList
CVE-2008-3608: ImageIO in Apple Mac OS X 102008-09-16
CVE-2008-3608 — Out-of-bounds Write in Apple MAC OS X | cvebase