ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecified data structure, which allows remote attackers to obtain sensitive information from process memory via a crafted PNG image.
Base Score: 4.3
Impact Score: 2.9
Exploitability Score: 8.6
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions up to 8.4 (inclusive)
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* versions up to 10.10.4 (inclusive)
View all (6 total)