Iphoto
by Apple Inc.
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-0051 | 0.04 | — | 0.09 | Jan 4, 2007 | Format string vulnerability in Apple iPhoto 6.0.5 (316), and other versions before 6.0.6, allows remote user-assisted attackers to execute arbitrary code via a crafted photocast with format string specifiers in the title of an RSS iPhoto feed. | |||
| CVE-2008-0830 | 0.03 | — | 0.02 | Feb 19, 2008 | The Digital Photo Access Protocol (DPAP) server for iPhoto 4.0.3 allows remote attackers to cause a denial of service (crash) via a malformed dpap: URI, a different vulnerability than CVE-2008-0043. | |||
| CVE-2007-0645 | 0.03 | — | 0.02 | Feb 1, 2007 | Format string vulnerability in iPhoto 6.0.5 allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling certain Apple AppKit functions. | |||
| CVE-2008-0987 | 0.00 | — | 0.05 | Mar 18, 2008 | Stack-based buffer overflow in Image Raw in Apple Mac OS X 10.5.2, and Digital Camera RAW Compatibility before Update 2.0 for Aperture 2 and iPhoto 7.1.2, allows remote attackers to execute arbitrary code via a crafted Adobe Digital Negative (DNG) image. | |||
| CVE-2008-0043 | 0.00 | — | 0.04 | Feb 8, 2008 | Format string vulnerability in Apple iPhoto before 7.1.2 allows remote attackers to execute arbitrary code via photocast subscriptions. |
- CVE-2007-0051Jan 4, 2007risk 0.04cvss —epss 0.09
Format string vulnerability in Apple iPhoto 6.0.5 (316), and other versions before 6.0.6, allows remote user-assisted attackers to execute arbitrary code via a crafted photocast with format string specifiers in the title of an RSS iPhoto feed.
- CVE-2008-0830Feb 19, 2008risk 0.03cvss —epss 0.02
The Digital Photo Access Protocol (DPAP) server for iPhoto 4.0.3 allows remote attackers to cause a denial of service (crash) via a malformed dpap: URI, a different vulnerability than CVE-2008-0043.
- CVE-2007-0645Feb 1, 2007risk 0.03cvss —epss 0.02
Format string vulnerability in iPhoto 6.0.5 allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling certain Apple AppKit functions.
- CVE-2008-0987Mar 18, 2008risk 0.00cvss —epss 0.05
Stack-based buffer overflow in Image Raw in Apple Mac OS X 10.5.2, and Digital Camera RAW Compatibility before Update 2.0 for Aperture 2 and iPhoto 7.1.2, allows remote attackers to execute arbitrary code via a crafted Adobe Digital Negative (DNG) image.
- CVE-2008-0043Feb 8, 2008risk 0.00cvss —epss 0.04
Format string vulnerability in Apple iPhoto before 7.1.2 allows remote attackers to execute arbitrary code via photocast subscriptions.