CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
97.8%
The version of QuickTime installed on the remote host is older than 7.6.4. Such versions contain multiple issues :
A memory corruption issue exists in the handling of H.264 movie files. (CVE-2009-2202)
A buffer overflow in the handling of MPEG-4 video files. (CVE-2009-2203)
A heap buffer overflow exists in the handling of FlashPix files. (CVE-2009-2798)
A heap buffer overflow exists in the handling of H.264 movie files. (CVE-2009-2799)
Binary data 5159.prm
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2202
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2203
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2798
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2799
lists.apple.com/archives/security-announce/2009/sep/msg00002.html
support.apple.com/kb/HT3859
support.apple.com/kb/HT3869