Lucene search

[email protected]CVE-2012-0670

HistoryMay 16, 2012 - 10:12 a.m.

CVE-2012-0670

2012-05-1610:12:58

CWE-189

[email protected]

web.nvd.nist.gov

cve-2012-0670

apple quicktime

integer overflow

remote attackers

arbitrary code

denial of service

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.295 Low

EPSS

Percentile

96.9%

JSON

Integer overflow in Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted sean atom in a movie file.

Affected configurations

NVD

Node

applequicktimeRange≤7.7.1

applequicktimeMatch3.0

applequicktimeMatch4.1.2

applequicktimeMatch5.0

applequicktimeMatch5.0.1

applequicktimeMatch5.0.2

applequicktimeMatch6.0

applequicktimeMatch6.0.0

applequicktimeMatch6.0.1

applequicktimeMatch6.0.2

applequicktimeMatch6.1

applequicktimeMatch6.1.0

applequicktimeMatch6.1.1

applequicktimeMatch6.2.0

applequicktimeMatch6.3.0

applequicktimeMatch6.4.0

applequicktimeMatch6.5

applequicktimeMatch6.5.0

applequicktimeMatch6.5.1

applequicktimeMatch6.5.2

applequicktimeMatch7.0

applequicktimeMatch7.0.0

applequicktimeMatch7.0.1

applequicktimeMatch7.0.2

applequicktimeMatch7.0.3

applequicktimeMatch7.0.4

applequicktimeMatch7.1

applequicktimeMatch7.1.0

applequicktimeMatch7.1.1

applequicktimeMatch7.1.2

applequicktimeMatch7.1.3

applequicktimeMatch7.1.4

applequicktimeMatch7.1.5

applequicktimeMatch7.1.6

applequicktimeMatch7.2

applequicktimeMatch7.2.0

applequicktimeMatch7.2.1

applequicktimeMatch7.3

applequicktimeMatch7.3.0

applequicktimeMatch7.3.1

applequicktimeMatch7.3.1.70

applequicktimeMatch7.4

applequicktimeMatch7.4.0

applequicktimeMatch7.4.1

applequicktimeMatch7.4.5

applequicktimeMatch7.5.0

applequicktimeMatch7.5.5

applequicktimeMatch7.6.0

applequicktimeMatch7.6.1

applequicktimeMatch7.6.2

applequicktimeMatch7.6.5

applequicktimeMatch7.6.6

applequicktimeMatch7.6.7

applequicktimeMatch7.6.8

applequicktimeMatch7.6.9

applequicktimeMatch7.7.0

applequicktimeMatch7.60.92.0

applequicktimeMatch7.62.14.0

applequicktimeMatch7.64.17.73

applequicktimeMatch7.65.17.80

applequicktimeMatch7.66.71.0

applequicktimeMatch7.67.75.0

applequicktimeMatch7.68.75.0

applequicktimeMatch7.69.80.9

CPENameOperatorVersion
apple:quicktimeapple quicktimele7.7.1
apple:quicktimeapple quicktimeeq3.0
apple:quicktimeapple quicktimeeq4.1.2
apple:quicktimeapple quicktimeeq5.0
apple:quicktimeapple quicktimeeq5.0.1
apple:quicktimeapple quicktimeeq5.0.2
apple:quicktimeapple quicktimeeq6.0
apple:quicktimeapple quicktimeeq6.0.0
apple:quicktimeapple quicktimeeq6.0.1
apple:quicktimeapple quicktimeeq6.0.2

CPE	Name	Operator	Version
apple:quicktime	apple quicktime	le	7.7.1
apple:quicktime	apple quicktime	eq	3.0
apple:quicktime	apple quicktime	eq	4.1.2
apple:quicktime	apple quicktime	eq	5.0
apple:quicktime	apple quicktime	eq	5.0.1
apple:quicktime	apple quicktime	eq	5.0.2
apple:quicktime	apple quicktime	eq	6.0
apple:quicktime	apple quicktime	eq	6.0.0
apple:quicktime	apple quicktime	eq	6.0.1
apple:quicktime	apple quicktime	eq	6.0.2