| Revision Date: | 2015-06-22 | Version: | 19 |
| Title: | Apple Safari Prior to 4.0.5 Integer Overflow Vulnerability |
| Description: | Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, and iTunes before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with a crafted color profile that triggers a heap-based buffer overflow. |
| Family: | windows | Class: | vulnerability |
| Status: | ACCEPTED | Reference(s): | CVE-2010-0040
|
| Platform(s): | Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Vista
Microsoft Windows XP
| Product(s): | Apple iTunes
Apple Safari
|
| Definition Synopsis |
| Check iTunes Apple iTunes is installed
AND iTunes.exe version is less than 9.1.0.79
OR Check Safari
Apple Safari is installed
AND Apple Safari version is less than 5.31.22.7
|