Unrated severityNVD Advisory· Published Sep 16, 2008· Updated Jun 16, 2026
CVE-2008-3608
CVE-2008-3608
Description
ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted JPEG image with an embedded ICC profile.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
14cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*
- (no CPE)range: 10.4.11, 10.5 through 10.5.4
cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*
- Range: 10.4.11, 10.5 through 10.5.4
Patches
Vulnerability mechanics
References
12- www.securityfocus.com/bid/31189nvdPatch
- www.us-cert.gov/cas/techalerts/TA08-260A.htmlnvdUS Government Resource
- lists.apple.com/archives/security-announce//2008/Nov/msg00001.htmlnvd
- lists.apple.com/archives/security-announce//2008/Sep/msg00005.htmlnvd
- secunia.com/advisories/31882nvd
- secunia.com/advisories/32706nvd
- support.apple.com/kb/HT3276nvd
- support.apple.com/kb/HT3298nvd
- www.securitytracker.com/idnvd
- www.vupen.com/english/advisories/2008/2584nvd
- www.vupen.com/english/advisories/2008/3107nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/45168nvd
News mentions
0No linked articles in our index yet.