Lucene search

MitreCVE-2005-3708

HistoryJan 11, 2006 - 6:00 p.m.

CVE-2005-3708

2006-01-1118:00:00

mitre

web.nvd.nist.gov

cve-2005-3708

apple quicktime

integer overflow

arbitrary code execution

tga image files

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

Low

EPSS

0.122

Percentile

95.4%

JSON

Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via crafted TGA image files.

Affected configurations

Nvd

Node

applequicktimeRange≤7.0.3

applequicktimeMatch7.0

applequicktimeMatch7.0.1

applequicktimeMatch7.0.2

VendorProductVersionCPE
applequicktime7.0.2cpe:/a:apple:quicktime:7.0.2:::
applequicktimecpe:/a:apple:quicktime::::
applequicktime7.0.1cpe:/a:apple:quicktime:7.0.1:::
applequicktime7.0cpe:/a:apple:quicktime:7.0:::

Vendor	Product	Version	CPE
apple	quicktime	7.0.2	cpe:/a:apple:quicktime:7.0.2:::
apple	quicktime		cpe:/a:apple:quicktime::::
apple	quicktime	7.0.1	cpe:/a:apple:quicktime:7.0.1:::
apple	quicktime	7.0	cpe:/a:apple:quicktime:7.0:::

References

docs.info.apple.com/article.html?artnum=303101

secunia.com/advisories/18370

securitytracker.com/id?1015464

www.osvdb.org/22336

www.securityfocus.com/bid/16202

www.vupen.com/english/advisories/2006/0128

exchange.xforce.ibmcloud.com/vulnerabilities/24057

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

Low

EPSS

0.122

Percentile

95.4%

JSON

Related for CVE-2005-3708