Lucene search
HistorySep 20, 2012 - 9:55 p.m.
CVE-2012-3722
cve-2012-3722
sorenson codec
quicktime
apple
mac os x
coremedia
ios
memory access
remote attackers
arbitrary code execution
denial of service
application crash
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.5 High
AI Score
Confidence
High
0.019 Low
EPSS
Percentile
88.4%
The Sorenson codec in QuickTime in Apple Mac OS X before 10.7.5, and in CoreMedia in iOS before 6, accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding.
Affected configurations
Node
applemac_os_xRange≤10.7.4
ORapplemac_os_xMatch10.0
ORapplemac_os_xMatch10.0.0
ORapplemac_os_xMatch10.0.1
ORapplemac_os_xMatch10.0.2
ORapplemac_os_xMatch10.0.3
ORapplemac_os_xMatch10.0.4
ORapplemac_os_xMatch10.1
ORapplemac_os_xMatch10.1.0
ORapplemac_os_xMatch10.1.1
ORapplemac_os_xMatch10.1.2
ORapplemac_os_xMatch10.1.3
ORapplemac_os_xMatch10.1.4
ORapplemac_os_xMatch10.1.5
ORapplemac_os_xMatch10.2
ORapplemac_os_xMatch10.2.0
ORapplemac_os_xMatch10.2.1
ORapplemac_os_xMatch10.2.2
ORapplemac_os_xMatch10.2.3
ORapplemac_os_xMatch10.2.4
ORapplemac_os_xMatch10.2.5
ORapplemac_os_xMatch10.2.6
ORapplemac_os_xMatch10.2.7
ORapplemac_os_xMatch10.2.8
ORapplemac_os_xMatch10.3
ORapplemac_os_xMatch10.3.0
ORapplemac_os_xMatch10.3.1
ORapplemac_os_xMatch10.3.2
ORapplemac_os_xMatch10.3.3
ORapplemac_os_xMatch10.3.4
ORapplemac_os_xMatch10.3.5
ORapplemac_os_xMatch10.3.6
ORapplemac_os_xMatch10.3.7
ORapplemac_os_xMatch10.3.8
ORapplemac_os_xMatch10.3.9
ORapplemac_os_xMatch10.4
ORapplemac_os_xMatch10.4.0
ORapplemac_os_xMatch10.4.1
ORapplemac_os_xMatch10.4.2
ORapplemac_os_xMatch10.4.3
ORapplemac_os_xMatch10.4.4
ORapplemac_os_xMatch10.4.5
ORapplemac_os_xMatch10.4.6
ORapplemac_os_xMatch10.4.7
ORapplemac_os_xMatch10.4.8
ORapplemac_os_xMatch10.4.9
ORapplemac_os_xMatch10.4.10
ORapplemac_os_xMatch10.4.11
ORapplemac_os_xMatch10.5
ORapplemac_os_xMatch10.5.0
ORapplemac_os_xMatch10.5.1
ORapplemac_os_xMatch10.5.2
ORapplemac_os_xMatch10.5.3
ORapplemac_os_xMatch10.5.4
ORapplemac_os_xMatch10.5.5
ORapplemac_os_xMatch10.5.6
ORapplemac_os_xMatch10.5.7
ORapplemac_os_xMatch10.5.8
ORapplemac_os_xMatch10.6.0
ORapplemac_os_xMatch10.6.1
ORapplemac_os_xMatch10.6.2
ORapplemac_os_xMatch10.6.3
ORapplemac_os_xMatch10.6.4
ORapplemac_os_xMatch10.6.5
ORapplemac_os_xMatch10.6.6
ORapplemac_os_xMatch10.6.7
ORapplemac_os_xMatch10.6.8
ORapplemac_os_xMatch10.7.0
ORapplemac_os_xMatch10.7.1
ORapplemac_os_xMatch10.7.2
ORapplemac_os_xMatch10.7.3
Node
applemac_os_x_serverRange≤10.7.4
ORapplemac_os_x_serverMatch10.0
ORapplemac_os_x_serverMatch10.0.0
ORapplemac_os_x_serverMatch10.0.1
ORapplemac_os_x_serverMatch10.0.2
ORapplemac_os_x_serverMatch10.0.3
ORapplemac_os_x_serverMatch10.0.4
ORapplemac_os_x_serverMatch10.1
ORapplemac_os_x_serverMatch10.1.0
ORapplemac_os_x_serverMatch10.1.1
ORapplemac_os_x_serverMatch10.1.2
ORapplemac_os_x_serverMatch10.1.3
ORapplemac_os_x_serverMatch10.1.4
ORapplemac_os_x_serverMatch10.1.5
ORapplemac_os_x_serverMatch10.2
ORapplemac_os_x_serverMatch10.2.0
ORapplemac_os_x_serverMatch10.2.1
ORapplemac_os_x_serverMatch10.2.2
ORapplemac_os_x_serverMatch10.2.3
ORapplemac_os_x_serverMatch10.2.4
ORapplemac_os_x_serverMatch10.2.5
ORapplemac_os_x_serverMatch10.2.6
ORapplemac_os_x_serverMatch10.2.7
ORapplemac_os_x_serverMatch10.2.8
ORapplemac_os_x_serverMatch10.3
ORapplemac_os_x_serverMatch10.3.0
ORapplemac_os_x_serverMatch10.3.1
ORapplemac_os_x_serverMatch10.3.2
ORapplemac_os_x_serverMatch10.3.3
ORapplemac_os_x_serverMatch10.3.4
ORapplemac_os_x_serverMatch10.3.5
ORapplemac_os_x_serverMatch10.3.6
ORapplemac_os_x_serverMatch10.3.7
ORapplemac_os_x_serverMatch10.3.8
ORapplemac_os_x_serverMatch10.3.9
ORapplemac_os_x_serverMatch10.4
ORapplemac_os_x_serverMatch10.4.0
ORapplemac_os_x_serverMatch10.4.1
ORapplemac_os_x_serverMatch10.4.2
ORapplemac_os_x_serverMatch10.4.3
ORapplemac_os_x_serverMatch10.4.4
ORapplemac_os_x_serverMatch10.4.5
ORapplemac_os_x_serverMatch10.4.6
ORapplemac_os_x_serverMatch10.4.7
ORapplemac_os_x_serverMatch10.4.8
ORapplemac_os_x_serverMatch10.4.9
ORapplemac_os_x_serverMatch10.4.10
ORapplemac_os_x_serverMatch10.4.11
ORapplemac_os_x_serverMatch10.5
ORapplemac_os_x_serverMatch10.5.0
ORapplemac_os_x_serverMatch10.5.1
ORapplemac_os_x_serverMatch10.5.2
ORapplemac_os_x_serverMatch10.5.3
ORapplemac_os_x_serverMatch10.5.4
ORapplemac_os_x_serverMatch10.5.5
ORapplemac_os_x_serverMatch10.5.6
ORapplemac_os_x_serverMatch10.5.7
ORapplemac_os_x_serverMatch10.5.8
ORapplemac_os_x_serverMatch10.6.0
ORapplemac_os_x_serverMatch10.6.1
ORapplemac_os_x_serverMatch10.6.2
ORapplemac_os_x_serverMatch10.6.3
ORapplemac_os_x_serverMatch10.6.4
ORapplemac_os_x_serverMatch10.6.5
ORapplemac_os_x_serverMatch10.6.6
ORapplemac_os_x_serverMatch10.6.7
ORapplemac_os_x_serverMatch10.6.8
ORapplemac_os_x_serverMatch10.7.0
ORapplemac_os_x_serverMatch10.7.1
ORapplemac_os_x_serverMatch10.7.2
ORapplemac_os_x_serverMatch10.7.3
Node
appleiphone_osRange≤5.1.1
ORappleiphone_osMatch1.0.0
ORappleiphone_osMatch1.0.1
ORappleiphone_osMatch1.0.2
ORappleiphone_osMatch1.1.0
ORappleiphone_osMatch1.1.1
ORappleiphone_osMatch1.1.2
ORappleiphone_osMatch1.1.3
ORappleiphone_osMatch1.1.4
ORappleiphone_osMatch1.1.5
ORappleiphone_osMatch2.0
ORappleiphone_osMatch2.0.1
ORappleiphone_osMatch2.0.2
ORappleiphone_osMatch2.1
ORappleiphone_osMatch2.1.1
ORappleiphone_osMatch2.2
ORappleiphone_osMatch2.2.1
ORappleiphone_osMatch3.0
ORappleiphone_osMatch3.0.1
ORappleiphone_osMatch3.1
ORappleiphone_osMatch3.1.2
ORappleiphone_osMatch3.1.3
ORappleiphone_osMatch3.2
ORappleiphone_osMatch3.2.1
ORappleiphone_osMatch3.2.2
ORappleiphone_osMatch4.0
ORappleiphone_osMatch4.0.1
ORappleiphone_osMatch4.0.2
ORappleiphone_osMatch4.1
ORappleiphone_osMatch4.2.1
ORappleiphone_osMatch4.2.5
ORappleiphone_osMatch4.2.8
ORappleiphone_osMatch4.3.0
ORappleiphone_osMatch4.3.1
ORappleiphone_osMatch4.3.2
ORappleiphone_osMatch4.3.3
ORappleiphone_osMatch4.3.5
ORappleiphone_osMatch5.0
ORappleiphone_osMatch5.0.1
ORappleiphone_osMatch5.1
Related
nvd
nvd
CVE-2012-3722
2012-09-20 21:55:03
prion
prion
Memory corruption
2012-09-20 21:55:00
cvelist
cvelist
CVE-2012-3722
2012-09-20 21:00:00
securityvulns
securityvulns
Apple Mac OS X multiple security vulnerabilities
2012-10-01 00:00:00
Apple TV multiple security vulnerabilities
2012-10-04 00:00:00
APPLE-SA-2012-09-24-1 Apple TV 5.1
2012-10-04 00:00:00
nessus
nessus
Apple TV < 5.1 Multiple Vulnerabilities
2012-09-27 00:00:00
Mac OS X Multiple Vulnerabilities (Security Update 2012-004) (BEAST)
2012-09-20 00:00:00
Mac OS X 10.7.x < 10.7.5 Multiple Vulnerabilities (BEAST)
2012-09-20 00:00:00
openvas
openvas
Mac OS X v10.6.8 Multiple Vulnerabilities (2012-004)
2012-09-25 00:00:00
Mac OS X v10.6.8 Multiple Vulnerabilities (2012-004)
2012-09-25 00:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.5 High
AI Score
Confidence
High
0.019 Low
EPSS
Percentile
88.4%
Related for CVE-2012-3722