Apple Safari

Buffer overflow in ImageIO in Apple Mac OS X 10.5 before 10.5.8, and
Safari before 4.0.3, allows remote attackers to execute arbitrary code
or cause a denial of service (application crash) via an image with
crafted EXIF metadata.

Buffer overflow in ImageIO in Apple Mac OS X 10.5 before 10.5.8, and
Safari before 4.0.3, allows remote attackers to execute arbitrary code
or cause a denial of service (application crash) via an image with
crafted EXIF metadata.

Apple Safari, possibly before 4.0.3, on Mac
OS X does not properly handle a?’’ character in a domain name in the
subject’s Common Name (CN) field of an X.509 certificate, which allows
man-in-the-middle attackers to spoof arbitrary SSL servers via a
crafted certificate issued by a legitimate Certification?Authority, a
related issue to CVE-2009-2408.

Buffer overflow in ImageIO in
Apple Mac OS X 10.5 before 10.5.8, and Safari before 4.0.3, allows
remote attackers to execute arbitrary code or cause a denial of service
(application crash) via an image with crafted EXIF metadata. 

Suggested articles

Slideshow: Scenes from Black Hat USA 2013

Scenes from this year’s hacking conference in Las Vegas, Nev. include a keynote by General Keith B. Alexander, Director of the National Security Agency and talks by researchers Karsten Nohl and Ralf-Phillip Weinmann.

Ryan McGeehan and Chad Greene

More from CanSecWest 2013

Pwn2Own, Pwnium Attract Dollars and 0-Days by the BushelGroundbreaking Cyber Fast Track Research Program EndingAt Pwn2Own, Browser Exploits Gett

Discussion

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.