Apple iPhoto vulnerabilities

5 known vulnerabilities affecting apple/iphoto.

Total CVEs: 5
CISA KEV: 0
Public exploits: 3
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 1, MEDIUM 3

Vulnerabilities

CVE-2008-0987 | MEDIUM | CVSS 6.8 | v7.1.2 | 2008-03-18
CWE-119: Stack-based buffer overflow in Image Raw in Apple Mac OS X 10.5.2, and Digital Camera RAW Compatibility before Update 2.0 for Aperture 2 and iPhoto 7.1.2, allows remote attackers to execute arbitrary code via a crafted Adobe Digital Negative (DNG) image.
nvd
CVE-2008-0830 | HIGH | CVSS 7.5 | PoC | v4.0.3 | 2008-02-19
The Digital Photo Access Protocol (DPAP) server for iPhoto 4.0.3 allows remote attackers to cause a denial of service (crash) via a malformed dpap: URI, a different vulnerability than CVE-2008-0043.
nvd
CVE-2008-0043 | CRITICAL | CVSS 9.3 | ≤ 7.1 | 2008-02-08
CWE-94: Format string vulnerability in Apple iPhoto before 7.1.2 allows remote attackers to execute arbitrary code via photocast subscriptions.
nvd
CVE-2007-0645 | MEDIUM | CVSS 6.8 | PoC | v6.0.5 | 2007-02-01
Format string vulnerability in iPhoto 6.0.5 allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling certain Apple AppKit functions.
nvd
CVE-2007-0051 | MEDIUM | CVSS 6.8 | PoC | v6.0.5 | 2007-01-04
CWE-134: Format string vulnerability in Apple iPhoto 6.0.5 (316), and other versions before 6.0.6, allows remote user-assisted attackers to execute arbitrary code via a crafted photocast with format string specifiers in the title of an RSS iPhoto feed.
nvd