search menu icon-carat-right cmu-wordmark

CERT Coordination Center

Apple Mac OS X vulnerable to stack-based buffer overflow via specially crafted TIFF file

Vulnerability Note VU#988356

Original Release Date: 2006-06-30 | Last Revised: 2006-06-30


Apple has reported a vulnerability in the way Mac OS X 10.4 systems handle TIFF images that could cause affected applications to crash or allow remote code execution..


TIFF Image File Format

The TIFF image file format is a widely supported file format used for storing images.


The Safari web browser and other applications in Mac OS X versions 10.4 to 10.4.6 are capable of opening TIFF formatted images.

The problem

An attacker may be able to create a specially crafted TIFF image that exploits a stack based buffer overflow. If successfully exploited, this buffer overflow may result in an application crash or arbitrary code execution. Apple states that this vulnerability does not affect Mac OS X versions below 10.4.


A remote unauthenticated attacker may be able to execute arbitrary code or cause a denial of service by persuading a user to access a specially crafted TIFF image



Apply the upgrade provided by Apple. Refer to the Apple security updates in Mac OS X version 10.4.7 for more information.


Only open TIFF files that are from trusted sources.

Vendor Information


Apple Computer, Inc. Affected

Updated:  June 29, 2006



Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.


Apple has released security advisory APPLE-SA-2006-06-27 to address this issue.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

CVSS Metrics

Group Score Vector



Thanks to Apple Product Security for reporting this vulnerability.

This document was written by Ryan Giobbi.

Other Information

CVE IDs: CVE-2006-1469
Severity Metric: 1.34
Date Public: 2006-06-27
Date First Published: 2006-06-30
Date Last Updated: 2006-06-30 17:37 UTC
Document Revision: 27

Sponsored by CISA.