Vulnerabilities > CVE-2007-0462 - Remote Memory Corruption vulnerability in Apple Mac OS X QuickDraw GetSrcBits32ARGB

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
apple
critical
exploit available

Summary

The _GetSrcBits32ARGB function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT image with a malformed Alpha RGB (ARGB) record, which triggers memory corruption.

Vulnerable Configurations

Part Description Count
Application
Apple
1
OS
Apple
1

Exploit-Db

descriptionApple Mac OS X 10.4.8 QuickDraw GetSrcBits32ARGB Remote Memory Corruption Vulnerability. CVE-2007-0462. Dos exploit for osx platform
idEDB-ID:29509
last seen2016-02-03
modified2007-01-23
published2007-01-23
reporterLMH
sourcehttps://www.exploit-db.com/download/29509/
titleApple Mac OS X 10.4.8 - QuickDraw GetSrcBits32ARGB Remote Memory Corruption Vulnerability