{"vuid":"VU#988356","idnumber":"988356","name":"Apple Mac OS X vulnerable to stack-based buffer overflow via specially crafted TIFF file","keywords":["Apple","Mac","OS X","stack-based","buffer overflow","TIFF image","arbitrary code execution"],"overview":"Apple has reported a vulnerability in the way Mac OS X 10.4 systems handle TIFF images that could cause affected applications to crash or allow remote code execution.","clean_desc":"TIFF Image File Format The TIFF image file format is a widely supported file format used for storing images. Integration The Safari web browser and other applications in Mac OS X versions 10.4 to 10.4.6 are capable of opening TIFF formatted images. The problem An attacker may be able to create a specially crafted TIFF image that exploits a stack based buffer overflow. If successfully exploited, this buffer overflow may result in an application crash or arbitrary code execution. Apple states that this vulnerability does not affect Mac OS X versions below 10.4.","impact":"A remote, unauthenticated attacker may be able to execute arbitrary code or cause a denial of service by persuading a user to access a specially crafted TIFF image.","resolution":"Upgrade Apply the upgrade provided by Apple. Refer to the Apple security updates in Mac OS X version 10.4.7 for more information.","workarounds":"Workarounds Only open TIFF files that are from trusted sources.","sysaffected":"","thanks":"Thanks to Apple Product Security for reporting this vulnerability.","author":"This document was written by Ryan Giobbi.","public":[],"cveids":["CVE-2006-1469"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2006-06-28T12:19:37Z","publicdate":"2006-06-27T00:00:00Z","datefirstpublished":"2006-06-30T15:02:26Z","dateupdated":"2006-06-30T17:37:01Z","revision":27,"vrda_d1_directreport":"0","vrda_d1_population":"3","vrda_d1_impact":"3","cam_widelyknown":"11","cam_exploitation":"1","cam_internetinfrastructure":"3","cam_population":"10","cam_impact":"7","cam_easeofexploitation":"4","cam_attackeraccessrequired":"17","cam_scorecurrent":"1.33875","cam_scorecurrentwidelyknown":"2.142","cam_scorecurrentwidelyknownexploited":"3.83775","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":1.33875,"vulnote":null}