Lucene search
HistoryMay 24, 2013 - 4:43 p.m.
CVE-2013-1022
cve-2013-1022
buffer overflow
apple quicktime
remote code execution
nvd
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.8 High
AI Score
Confidence
Low
0.063 Low
EPSS
Percentile
93.6%
Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted mvhd atoms in a movie file.
Affected configurations
Node
applequicktimeRange≤7.7.3
ORapplequicktimeMatch3.0
ORapplequicktimeMatch4.1.2
ORapplequicktimeMatch5.0
ORapplequicktimeMatch5.0.1
ORapplequicktimeMatch5.0.2
ORapplequicktimeMatch6.0
ORapplequicktimeMatch6.0.0
ORapplequicktimeMatch6.0.1
ORapplequicktimeMatch6.0.2
ORapplequicktimeMatch6.1
ORapplequicktimeMatch6.1.0
ORapplequicktimeMatch6.1.1
ORapplequicktimeMatch6.2.0
ORapplequicktimeMatch6.3.0
ORapplequicktimeMatch6.4.0
ORapplequicktimeMatch6.5
ORapplequicktimeMatch6.5.0
ORapplequicktimeMatch6.5.1
ORapplequicktimeMatch6.5.2
ORapplequicktimeMatch7.0.0
ORapplequicktimeMatch7.0.1
ORapplequicktimeMatch7.0.2
ORapplequicktimeMatch7.0.3
ORapplequicktimeMatch7.0.4
ORapplequicktimeMatch7.1.0
ORapplequicktimeMatch7.1.1
ORapplequicktimeMatch7.1.2
ORapplequicktimeMatch7.1.3
ORapplequicktimeMatch7.1.4
ORapplequicktimeMatch7.1.5
ORapplequicktimeMatch7.1.6
ORapplequicktimeMatch7.2.0
ORapplequicktimeMatch7.2.1
ORapplequicktimeMatch7.3.0
ORapplequicktimeMatch7.3.1
ORapplequicktimeMatch7.4.0
ORapplequicktimeMatch7.4.1
ORapplequicktimeMatch7.4.5
ORapplequicktimeMatch7.5.0
ORapplequicktimeMatch7.5.5
ORapplequicktimeMatch7.6.0
ORapplequicktimeMatch7.6.1
ORapplequicktimeMatch7.6.2
ORapplequicktimeMatch7.6.5
ORapplequicktimeMatch7.6.6
ORapplequicktimeMatch7.6.7
ORapplequicktimeMatch7.6.8
ORapplequicktimeMatch7.6.9
ORapplequicktimeMatch7.7.0
ORapplequicktimeMatch7.7.1
ORapplequicktimeMatch7.7.2
microsoftwindows_7
ORmicrosoftwindows_vista
ORmicrosoftwindows_xpsp2
Related
zdi
zdi
Apple QuickTime mvhd Atom Parsing Remote Code Execution Vulnerability
2013-06-11 00:00:00
prion
prion
Buffer overflow
2013-05-24 16:43:00
nvd
nvd
CVE-2013-1022
2013-05-24 16:43:58
cvelist
cvelist
CVE-2013-1022
2013-05-24 10:00:00
nessus
nessus
Mac OS X Multiple Vulnerabilities (Security Update 2013-003)
2013-07-02 00:00:00
QuickTime < 7.7.4 Multiple Vulnerabilities (Windows) (deprecated)
2013-05-23 00:00:00
QuickTime < 7.7.4 Multiple Vulnerabilities (Windows)
2013-05-23 00:00:00
kaspersky
kaspersky
KLA10017 Multiple vulnerabilities in Apple QuickTime
2013-05-22 00:00:00
openvas
openvas
Apple QuickTime Multiple Vulnerabilities - June13 (Windows)
2013-06-07 00:00:00
Apple QuickTime Multiple Vulnerabilities (Jun 2013) - Windows
2013-06-07 00:00:00
securityvulns
securityvulns
Apple QuickTime multiple security vulnerabilities
2013-05-27 00:00:00
APPLE-SA-2013-05-22-1 QuickTime 7.7.4
2013-05-27 00:00:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.8 High
AI Score
Confidence
Low
0.063 Low
EPSS
Percentile
93.6%
Related for CVE-2013-1022