CVE-2006-1450
Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via an enriched text e-mail message with "invalid color information" that causes Mail to allocate and initialize arbitrary classes.
Date published : 2006-05-12
http://lists.apple.com/archives/security-announce/2006/May/msg00003.html