CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
EPSS
Percentile
98.2%
The Apple Security Team reports that there are multiple
vulnerabilities within QuickTime (one of the plugins for
win32-codecs). A remote attacker capable of creating a
malicious SGI image, FlashPix, FLC movie, or a QuickTime
movie can possibly lead to execution of arbitrary code or
cause a Denial of Service (application crash).
Users who have QuickTime (/win32-codecs) as a browser plugin
may be vulnerable to remote code execution by visiting a
website containing a malicious SGI image, FlashPix, FLC movie
or a QuickTime movie.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | win32-codecs | < 3.1.0.p8_1,1 | UNKNOWN |