Описание
Unspecified vulnerability in Apple QuickTime MPEG-2 Playback Component before 7.60.92.0 on Windows allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted MPEG-2 movie.
Комментарий
per http://lists.apple.com/archives/security-announce//2009/Jan/msg00001.html
"This issue does not affect systems running Mac OS X."
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:a:apple:quicktime_mpeg-2_playback_component:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05254
Низкий
7.6 High
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
почти 4 года назад
Unspecified vulnerability in Apple QuickTime MPEG-2 Playback Component before 7.60.92.0 on Windows allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted MPEG-2 movie.
EPSS
Процентиль: 90%
0.05254
Низкий
7.6 High
CVSS2
Дефекты
CWE-20