[原文]AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) via a malformed TIFF image that causes the NXSeek to use an incorrect offset, leading to an unhandled exception.
Apple Mac OS X AppKit Malformed TIFF Image NXSeek() DoS
Remote / Network Access
Denial of Service
Loss of Availability
Mac OS X contains a flaw that may allow a remote denial of service. The issue is triggered when a malformed TIFF image file containing a call to NXSeek() with an offset outside the image is opened by a Cocoa application, which causes the application to crash resulting in a loss of availability.
Currently, there are no known workarounds or upgrades to correct this issue. However, Apple has released a patch to address this vulnerability.