CVE-2004-0431

Sažetak

Integer overflow in Apple QuickTime (QuickTime.qts) before 6.5.1 allows attackers to execute arbitrary code via a large "number of entries" field in the sample-to-chunk table data for a .mov movie file, which leads to a heap-based buffer overflow.

Reference

http://lists.apple.com/mhonarc/security-announce/msg00048.html
http://marc.info/?l=bugtraq&m=108360110618389&w=2
http://marc.info/?l=ntbugtraq&m=108356485013237&w=2
http://www.kb.cert.org/vuls/id/782958
https://exchange.xforce.ibmcloud.com/vulnerabilities/16026

CVSS

Base:	5.1
Impact:	6.4
Exploitability:	4.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:H/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

11-07-2017 - 01:30

Objavljeno

07-07-2004 - 04:00