1. Home
  2. CVE Database
  3. CVE-2009-0155
MEDIUM · 6.8

CVE-2009-0155

Integer underflow in CoreGraphics in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or...

Vulnerability Description

Integer underflow in CoreGraphics in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file that triggers a heap-based buffer overflow.

CVSS Score

6.8

MEDIUM

AV:N/AC:M/Au:N/C:P/I:P/A:P
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
AppleMac Os X10.5.0
AppleMac Os X Server10.5.0

Related Weaknesses (CWE)

CWE-189

References

FAQ

What is CVE-2009-0155?

CVE-2009-0155 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Integer underflow in CoreGraphics in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or...

How severe is CVE-2009-0155?

CVE-2009-0155 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2009-0155?

Check the references section above for vendor advisories and patch information. Affected products include: Apple Mac Os X, Apple Mac Os X Server.