VYPR

Imageio

by Apple Inc.

CVEs (18)

  • CVE-2016-7643HigFeb 20, 2017
    risk 0.53cvss 8.1epss 0.01

    An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information from process memory or cause…

  • CVE-2017-13814HigNov 13, 2017
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted image file.

  • CVE-2017-2432HigApr 2, 2017
    risk 0.51cvss 7.8epss 0.02

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or…

  • CVE-2017-2416HigApr 2, 2017
    risk 0.51cvss 7.8epss 0.02

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or…

  • CVE-2016-4632HigJul 22, 2016
    risk 0.49cvss 7.5epss 0.03

    ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.

  • CVE-2011-0241Jul 21, 2011
    risk 0.01cvss epss 0.07

    Heap-based buffer overflow in ImageIO in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with CCITT Group 4 encoding.

  • CVE-2007-0733Mar 13, 2007
    risk 0.01cvss epss 0.07

    Unspecified vulnerability in ImageIO in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted RAW image that triggers memory corruption.

  • CVE-2015-5935Oct 23, 2015
    risk 0.00cvss epss 0.03

    ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5936, CVE-2015-5937, and…

  • CVE-2015-1139Apr 10, 2015
    risk 0.00cvss epss 0.04

    ImageIO in Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .sgi file.

  • CVE-2011-0215Jul 21, 2011
    risk 0.00cvss epss 0.04

    ImageIO in Apple Safari before 5.0.6 on Windows does not properly address re-entrancy issues, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file.

  • CVE-2011-0205Jun 24, 2011
    risk 0.00cvss epss 0.04

    Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG2000 image.

  • CVE-2011-0204Jun 24, 2011
    risk 0.00cvss epss 0.04

    Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image.

  • CVE-2011-0194Mar 23, 2011
    risk 0.00cvss epss 0.03

    Integer overflow in ImageIO in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with JPEG encoding.

  • CVE-2011-0181Mar 23, 2011
    risk 0.00cvss epss 0.03

    Integer overflow in ImageIO in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XBM image.

  • CVE-2008-3608Sep 16, 2008
    risk 0.00cvss epss 0.03

    ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted JPEG image with an embedded ICC profile.

  • CVE-2008-2332Sep 16, 2008
    risk 0.00cvss epss 0.03

    ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted TIFF image.

  • CVE-2006-1552Mar 31, 2006
    risk 0.00cvss epss 0.04

    Integer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to cause a denial of service (crash) via a crafted JPEG image with malformed JPEG metadata, as demonstrated using Safari, aka "Deja-Doom".

  • CVE-2005-2747Oct 25, 2005
    risk 0.00cvss epss 0.05

    Buffer overflow in ImageIO for Apple Mac OS X 10.4.2, as used by applications such as WebCore and Safari, allows remote attackers to execute arbitrary code via a crafted GIF file.