Lucene search
AppleCVE-2010-0529HistoryMar 31, 2010 - 6:30 p.m.
CVE-2010-0529
2010-03-3118:30:00
CWE-119
apple
web.nvd.nist.gov
33
cve-2010-0529
apple quicktime
windows
buffer overflow
remote code execution
denial of service
nvd
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
8.1
Confidence
High
EPSS
0.94
Percentile
99.2%
Heap-based buffer overflow in QuickTime.qts in Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PICT image with a BkPixPat opcode (0x12) containing crafted values that are used in a calculation for memory allocation.
Affected configurations
Node
applequicktimeRange≤7.6.0-windows
ORapplequicktimeMatch7.0.0-windows
ORapplequicktimeMatch7.0.1-windows
ORapplequicktimeMatch7.0.2-windows
ORapplequicktimeMatch7.0.3-windows
ORapplequicktimeMatch7.0.4-windows
ORapplequicktimeMatch7.1.0-windows
ORapplequicktimeMatch7.1.1-windows
ORapplequicktimeMatch7.1.2-windows
ORapplequicktimeMatch7.1.3-windows
ORapplequicktimeMatch7.1.4-windows
ORapplequicktimeMatch7.1.5-windows
ORapplequicktimeMatch7.1.6-windows
ORapplequicktimeMatch7.2.0-windows
ORapplequicktimeMatch7.2.1-windows
ORapplequicktimeMatch7.3.0-windows
ORapplequicktimeMatch7.3.1-windows
ORapplequicktimeMatch7.4.0-windows
ORapplequicktimeMatch7.4.1-windows
ORapplequicktimeMatch7.4.5-windows
ORapplequicktimeMatch7.5.0-windows
ORapplequicktimeMatch7.5.5-windows
microsoftwindows_7
ORmicrosoftwindows_vista
ORmicrosoftwindows_xpsp2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| apple | quicktime | * | cpe:2.3:a:apple:quicktime:*:-:windows:*:*:*:*:* |
| apple | quicktime | 7.0.0 | cpe:2.3:a:apple:quicktime:7.0.0:-:windows:*:*:*:*:* |
| apple | quicktime | 7.0.1 | cpe:2.3:a:apple:quicktime:7.0.1:-:windows:*:*:*:*:* |
| apple | quicktime | 7.0.2 | cpe:2.3:a:apple:quicktime:7.0.2:-:windows:*:*:*:*:* |
| apple | quicktime | 7.0.3 | cpe:2.3:a:apple:quicktime:7.0.3:-:windows:*:*:*:*:* |
| apple | quicktime | 7.0.4 | cpe:2.3:a:apple:quicktime:7.0.4:-:windows:*:*:*:*:* |
| apple | quicktime | 7.1.0 | cpe:2.3:a:apple:quicktime:7.1.0:-:windows:*:*:*:*:* |
| apple | quicktime | 7.1.1 | cpe:2.3:a:apple:quicktime:7.1.1:-:windows:*:*:*:*:* |
| apple | quicktime | 7.1.2 | cpe:2.3:a:apple:quicktime:7.1.2:-:windows:*:*:*:*:* |
| apple | quicktime | 7.1.3 | cpe:2.3:a:apple:quicktime:7.1.3:-:windows:*:*:*:*:* |
Related
seebug
seebug
Apple QuickTime Pict BkPixPat Remote Code Execution
2010-04-07 00:00:00
zdi
zdi
Apple QuickTime Pict BkPixPat Remote Code Execution Vulnerability
2010-04-06 00:00:00
prion
prion
Heap overflow
2010-03-31 18:30:00
cvelist
cvelist
CVE-2010-0529
2010-03-31 18:00:00
securityvulns
securityvulns
Apple QuickTime/iTunes multiple security vulnerabilities
2010-04-12 00:00:00
nvd
nvd
CVE-2010-0529
2010-03-31 18:30:00
openvas
openvas
Apple QuickTime Multiple Denial Of Service Vulnerabilities (Windows)
2010-04-06 00:00:00
Apple QuickTime Multiple Denial Of Service Vulnerabilities - Windows
2010-04-06 00:00:00
nessus
nessus
QuickTime < 7.6.6 Multiple Vulnerabilities
2009-03-31 00:00:00
QuickTime < 7.6.6 Multiple Vulnerabilities
2009-03-31 00:00:00
QuickTime < 7.6.6 Multiple Vulnerabilities (Windows)
2010-03-31 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
8.1
Confidence
High
EPSS
0.94
Percentile
99.2%
Related for CVE-2010-0529