Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2010-0520

Опубликовано: 30 мар. 2010
Источник: nvd
CVSS2: 6.8
EPSS Низкий

Описание

Heap-based buffer overflow in QuickTimeAuthoring.qtx in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLC file, related to crafted DELTA_FLI chunks and untrusted length values in a .fli file, which are not properly handled during decompression.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*

EPSS

Процентиль: 92%
0.09154
Низкий

6.8 Medium

CVSS2

Дефекты

CWE-119

Связанные уязвимости

github логотип

GHSA-mh9h-9rjj-5gp4

github
почти 4 года назад

Heap-based buffer overflow in QuickTimeAuthoring.qtx in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLC file, related to crafted DELTA_FLI chunks and untrusted length values in a .fli file, which are not properly handled during decompression.

EPSS

Процентиль: 92%
0.09154
Низкий

6.8 Medium

CVSS2

Дефекты

CWE-119