Description
Format string vulnerability in iPhoto 6.0.5 allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling certain Apple AppKit functions.
Exploits (1)
References (4)
Core 4
Core References
Various Sources x_refsource_misc
http://projects.info-pull.com/moab/MOAB-30-01-2007.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/22326
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/32711
Vendor Advisory x_refsource_misc
http://www.digitalmunition.com/MOAB-30-01-2007.html
Scores
EPSS
0.0649
EPSS Percentile
91.1%
Details
Status
published
Products (1)
apple/iphoto
6.0.5
Published
Feb 01, 2007
Tracked Since
Feb 18, 2026