CVE-2010-0040
15.03.2010, 13:28
Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, and iTunes before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with a crafted color profile that triggers a heap-based buffer overflow.Enginsight
| Vendor | Product | Version |
|---|---|---|
| apple | safari | 𝑥 ≤ 4.0.4 |
| apple | safari | 4.0 |
| apple | safari | 4.0.0b:b |
| apple | safari | 4.0.1 |
| apple | safari | 4.0.2 |
| apple | safari | 4.0.3 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References