Описание
Apple QuickTime before 7.0.3 allows user-assisted attackers to overwrite memory and execute arbitrary code via a crafted PICT file that triggers an overflow during expansion.
Ссылки
- Vendor Advisory
- PatchVendor Advisory
- US Government Resource
- Vendor Advisory
- PatchVendor Advisory
- US Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 7.0.2 (включая)
Одно из
cpe:2.3:a:apple:quicktime:*:*:windows:*:*:*:*:*
cpe:2.3:a:apple:quicktime:6.5.2:*:mac_os_x_10.2:*:*:*:*:*
cpe:2.3:a:apple:quicktime:6.5.2:*:mac_os_x_10.3:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.0:*:windows:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.0.1:*:mac_os_x_10.3:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.0.1:*:mac_os_x_10.4:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.0.1:*:windows:*:*:*:*:*
EPSS
Процентиль: 84%
0.02311
Низкий
5.1 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Apple QuickTime before 7.0.3 allows user-assisted attackers to overwrite memory and execute arbitrary code via a crafted PICT file that triggers an overflow during expansion.
EPSS
Процентиль: 84%
0.02311
Низкий
5.1 Medium
CVSS2
Дефекты
NVD-CWE-Other