VAR-200802-0015
Vulnerability from variot - Updated: 2023-12-18 13:20Format string vulnerability in Apple iPhoto before 7.1.2 allows remote attackers to execute arbitrary code via photocast subscriptions. iPhoto is prone to a format-string vulnerability. Failed attacks will likely cause denial-of-service conditions. This issue affects versions prior to iPhoto 7.1.2. iPhoto is a tool for importing, organizing and sharing digital photos.
A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched.
Download and test it today: https://psi.secunia.com/
Read more about this new version: https://psi.secunia.com/?page=changelog
TITLE: Apple iPhoto Photocast Format String Vulnerability
SECUNIA ADVISORY ID: SA28805
VERIFY ADVISORY: http://secunia.com/advisories/28805/
CRITICAL: Highly critical
IMPACT: System access
WHERE:
From remote
SOFTWARE: Apple iLife iPhoto 7.x http://secunia.com/product/17471/
DESCRIPTION: A vulnerability has been reported in Apple iPhoto, which can be exploited by malicious people to compromise a vulnerable system.
SOLUTION: Update to iPhoto 7.1.2. http://www.apple.com/support/downloads/iphoto712.html
PROVIDED AND/OR DISCOVERED BY: The vendor credits Nathan McFeters, Ernst & Young's Advanced Security Center.
ORIGINAL ADVISORY: http://docs.info.apple.com/article.html?artnum=307398
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200802-0015",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "iphoto",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "7.1"
},
{
"model": "iphoto",
"scope": "eq",
"trust": 0.9,
"vendor": "apple",
"version": "7.1"
},
{
"model": "iphoto",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "\u201808 7.1"
},
{
"model": "iphoto",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.2"
},
{
"model": "iphoto",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.6"
},
{
"model": "iphoto",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.5(316)"
}
],
"sources": [
{
"db": "BID",
"id": "27636"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001060"
},
{
"db": "NVD",
"id": "CVE-2008-0043"
},
{
"db": "CNNVD",
"id": "CNNVD-200802-104"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:iphoto:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.1",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-0043"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nathan McFeters",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200802-104"
}
],
"trust": 0.6
},
"cve": "CVE-2008-0043",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2008-0043",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-30168",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2008-0043",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200802-104",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-30168",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-30168"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001060"
},
{
"db": "NVD",
"id": "CVE-2008-0043"
},
{
"db": "CNNVD",
"id": "CNNVD-200802-104"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Format string vulnerability in Apple iPhoto before 7.1.2 allows remote attackers to execute arbitrary code via photocast subscriptions. iPhoto is prone to a format-string vulnerability. Failed attacks will likely cause denial-of-service conditions. \nThis issue affects versions prior to iPhoto 7.1.2. iPhoto is a tool for importing, organizing and sharing digital photos. \n\n----------------------------------------------------------------------\n\nA new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI\nhas been released. The new version includes many new and advanced\nfeatures, which makes it even easier to stay patched. \n\nDownload and test it today:\nhttps://psi.secunia.com/\n\nRead more about this new version:\nhttps://psi.secunia.com/?page=changelog\n\n----------------------------------------------------------------------\n\nTITLE:\nApple iPhoto Photocast Format String Vulnerability\n\nSECUNIA ADVISORY ID:\nSA28805\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/28805/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nApple iLife iPhoto 7.x\nhttp://secunia.com/product/17471/\n\nDESCRIPTION:\nA vulnerability has been reported in Apple iPhoto, which can be\nexploited by malicious people to compromise a vulnerable system. \n\nSOLUTION:\nUpdate to iPhoto 7.1.2. \nhttp://www.apple.com/support/downloads/iphoto712.html\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Nathan McFeters, Ernst \u0026 Young\u0027s Advanced Security\nCenter. \n\nORIGINAL ADVISORY:\nhttp://docs.info.apple.com/article.html?artnum=307398\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-0043"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001060"
},
{
"db": "BID",
"id": "27636"
},
{
"db": "VULHUB",
"id": "VHN-30168"
},
{
"db": "PACKETSTORM",
"id": "63350"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "27636",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2008-0043",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "28805",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1019307",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2008-0428",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001060",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200802-104",
"trust": 0.7
},
{
"db": "APPLE",
"id": "APPLE-SA-2008-02-05",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-30168",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "63350",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-30168"
},
{
"db": "BID",
"id": "27636"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001060"
},
{
"db": "PACKETSTORM",
"id": "63350"
},
{
"db": "NVD",
"id": "CVE-2008-0043"
},
{
"db": "CNNVD",
"id": "CNNVD-200802-104"
}
]
},
"id": "VAR-200802-0015",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-30168"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:20:43.948000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "iPhoto 7.1.2",
"trust": 0.8,
"url": "http://docs.info.apple.com/article.html?artnum=307398-en"
},
{
"title": "iPhoto 7.1.2",
"trust": 0.8,
"url": "http://docs.info.apple.com/article.html?artnum=307398-ja"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001060"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-30168"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001060"
},
{
"db": "NVD",
"id": "CVE-2008-0043"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/27636"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1019307"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/28805"
},
{
"trust": 2.1,
"url": "http://docs.info.apple.com/article.html?artnum=307398"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2008/feb/msg00000.html"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/0428/references"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0043"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2008/0428"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-0043"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/0428/references"
},
{
"trust": 0.3,
"url": "http://www.apple.com/ilife/iphoto/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "https://psi.secunia.com/?page=changelog"
},
{
"trust": 0.1,
"url": "https://psi.secunia.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/17471/"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/iphoto712.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/28805/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-30168"
},
{
"db": "BID",
"id": "27636"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001060"
},
{
"db": "PACKETSTORM",
"id": "63350"
},
{
"db": "NVD",
"id": "CVE-2008-0043"
},
{
"db": "CNNVD",
"id": "CNNVD-200802-104"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-30168"
},
{
"db": "BID",
"id": "27636"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001060"
},
{
"db": "PACKETSTORM",
"id": "63350"
},
{
"db": "NVD",
"id": "CVE-2008-0043"
},
{
"db": "CNNVD",
"id": "CNNVD-200802-104"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-02-08T00:00:00",
"db": "VULHUB",
"id": "VHN-30168"
},
{
"date": "2008-02-05T00:00:00",
"db": "BID",
"id": "27636"
},
{
"date": "2008-02-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001060"
},
{
"date": "2008-02-07T01:07:33",
"db": "PACKETSTORM",
"id": "63350"
},
{
"date": "2008-02-08T02:00:00",
"db": "NVD",
"id": "CVE-2008-0043"
},
{
"date": "2008-02-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200802-104"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-03-08T00:00:00",
"db": "VULHUB",
"id": "VHN-30168"
},
{
"date": "2008-02-08T03:36:00",
"db": "BID",
"id": "27636"
},
{
"date": "2008-02-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001060"
},
{
"date": "2011-03-08T03:03:49.767000",
"db": "NVD",
"id": "CVE-2008-0043"
},
{
"date": "2008-09-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200802-104"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200802-104"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple iPhoto of Photocast Subscription format string vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001060"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200802-104"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…