Описание
Integer overflow in Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 7.6.0 (включая)
Одновременно
Одно из
cpe:2.3:a:apple:quicktime:*:-:windows:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.0.0:-:windows:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.0.1:-:windows:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.0.2:-:windows:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.0.3:-:windows:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.0.4:-:windows:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.1.0:-:windows:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.1.1:-:windows:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.1.2:-:windows:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.1.3:-:windows:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.1.4:-:windows:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.1.5:-:windows:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.1.6:-:windows:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.2.0:-:windows:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.2.1:-:windows:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.3.0:-:windows:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.3.1:-:windows:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.4.0:-:windows:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.4.1:-:windows:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.4.5:-:windows:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.5.0:-:windows:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.5.5:-:windows:*:*:*:*:*
Одно из
cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
EPSS
Процентиль: 83%
0.01964
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-189
Связанные уязвимости
github
почти 4 года назад
Integer overflow in Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image.
EPSS
Процентиль: 83%
0.01964
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-189