exploitDog

GHSA-jpvf-fchh-626j

Опубликовано: 02 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted image description atoms in an Apple video file, related to a "sign extension issue."

Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted image description atoms in an Apple video file, related to a "sign extension issue."

Ссылки

EPSS

Процентиль: 96%

0.23451

Средний

CVE ID

Дефекты

CWE-94

Связанные уязвимости

CVE-2009-0955

nvd

больше 16 лет назад

Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted image description atoms in an Apple video file, related to a "sign extension issue."

EPSS

Процентиль: 96%

0.23451

Средний

CVE ID

Дефекты

CWE-94