CVE-2006-1982
Heap-based buffer overflow in the LZWDecodeVector function in Mac OS X before 10.4.6, as used in applications that use ImageIO or AppKit, allows remote attackers to execute arbitrary code via crafted TIFF images.
Date published : 2006-04-21
http://lists.apple.com/archives/security-announce/2006/May/msg00003.html