iPhoto and Apple Aperture Vulnerability |
Written by Rebecca Mints |
Thursday, 20 March 2008 18:00 |
Apple Aperture and iPhoto are susceptible to a new vulnerability, and successful exploitation would allow remote hackers to compromise a vulnerable system. While processing malformed Adobe Digital Negative (DNG) image files a buffer overflow error can occur, which would allow an attacker to crash an affected application or execute arbitrary code by getting the host to open a carefully crafted image.
This vulnerability has been rated critical. It is both remotely and locally exploitable. Credit for the discovery of this vulnerability goes to Clint Ruoho of Laconic Security. A technical description is publicly available. REFERENCES: FrSirt Apple Aperture and iPhoto DNG Image Buffer Overflow Vulnerability |