Threat Center Security News iPhoto and Apple Aperture Vulnerability
iPhoto and Apple Aperture Vulnerability Print E-mail
Written by Rebecca Mints   
Thursday, 20 March 2008 18:00
Apple Aperture and iPhoto are susceptible to a new vulnerability, and successful exploitation would allow remote hackers to compromise a vulnerable system. While processing malformed Adobe Digital Negative (DNG) image files a buffer overflow error can occur, which would allow an attacker to crash an affected application or execute arbitrary code by getting the host to open a carefully crafted image.

This vulnerability has been rated critical. It is both remotely and locally exploitable. Credit for the discovery of this vulnerability goes to Clint Ruoho of Laconic Security. A technical description is publicly available.

Apple Aperture and iPhoto DNG Image Buffer Overflow Vulnerability

WTW Threat Level