ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafted TIFF image.

在Apple Safari 4.0.5 之前和Windows上的iTunes 9.1 之前，ImageIO在Apple Safari 和iTunes 中未确保内存访问与初始化内存相关联，这允许远程攻击者通过创建的TIFF图像从进程内存中获取 potentially sensitive 信息。

NVD 暂无评分

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

NVD 暂无漏洞类别信息

神龙GPT 暂无漏洞类别信息（请耐心等待）