CVE-2011-0215

Loading...

General

Score:9.3/10.0
Severity:High
Category:Input Validation Error

Impact Metrics

Confidentiality:Complete
Integrity:Complete
Availability:Complete

Exploitability Metrics

Access Vector:Network
Access Complexity:Medium
Authentication:None

Published on 22/07/11 - Updated on 14/10/11

Description

ImageIO in Apple Safari before 5.0.6 on Windows does not properly address re-entrancy issues, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file.

Category: Input Validation Error

CWE-20 (Input Validation)
The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.

Security Notices

US National Vulnerability DatabaseCVE-2011-0215
Agence Nationale de la Sécurité des Systèmes d'Information CERTA-2011-AVI-403, CERTA-2011-AVI-569

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
appleimageio
applesafari

Share this vulnerability with:

Twitter Facebook LinkedIn Mail