CVE-2010-0037Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple MAC OS X

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources
Severity
8.8HIGHNVD
EPSS
4.7%
top 10.59%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MAC OS XApple MAC OS X Server
Timeline
PublishedJan 20
Latest updateMay 2

Description

Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted DNG image.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

NVDapple/mac_os_x10.5.8, 10.6.2+1
NVDapple/mac_os_x_server10.5.8, 10.6.2+1

🔴Vulnerability Details

2
GHSA
GHSA-h56p-4234-4fqf: Buffer overflow in Image RAW in Apple Mac OS X 102022-05-02
CVEList
CVE-2010-0037: Buffer overflow in Image RAW in Apple Mac OS X 102010-01-20

💬Community

1
Bugzilla
CVE-2009-3956 acroread: script injection vulnerability (APSB10-02)2010-01-11
CVE-2010-0037 — Apple MAC OS X vulnerability | cvebase