Wednesday, February 21, 2007

Apple OS X ImageIO "gifGetBandProc" Integer Overflow

http://security-protocols.com/sp-x39-advisory.php

Overview:
An integer overflow vulnerability exists within ImageIO when processing a malformed .gif file. This allows for an attacker to cause the application to crash, and or to execute arbitrary code on the targeted host.

Technical Details:
When decompressing a specially crafted .gif file, the gifGetBandProc function within ImageIO incorrectly parses the malformed data causing the application to segmentation fault.

Vendor Status:
Apple was notified on 9/8/2006

Discovered by:
Tom Ferris
tommy[at]security-protocols[dot]com

Related Links:
http://security-protocols.com/sp-x39-advisory.php
http://security-protocols.com/poc/sp-x39.gif
http://security-protocols.com/poc/sp-x39-source.gif
http://apple.com

No comments:

Post a Comment