Lucene search
HistoryJul 07, 2004 - 4:00 a.m.
CVE-2004-0431
cve-2004-0431
apple
quicktime
integer overflow
arbitrary code execution
buffer overflow
security vulnerability
nvd
7.5 High
AI Score
Confidence
Low
5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.066 Low
EPSS
Percentile
93.8%
Integer overflow in Apple QuickTime (QuickTime.qts) before 6.5.1 allows attackers to execute arbitrary code via a large “number of entries” field in the sample-to-chunk table data for a .mov movie file, which leads to a heap-based buffer overflow.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apple:quicktime | apple quicktime | le | 6.5 |
Related
securityvulns
securityvulns
[EEYEB-20051117B] Apple iTunes (QuickTime.qts) Heap Overflow
2006-01-12 00:00:00
cvelist
cvelist
CVE-2004-0431
2004-05-06 04:00:00
checkpoint_advisories
checkpoint_advisories
Apple Quicktime Heap Overflow (CVE-2004-0431)
2010-04-07 00:00:00
cert
cert
openvas
openvas
Quicktime player/plug-in Heap overflow
2005-11-03 00:00:00
nessus
nessus
7.5 High
AI Score
Confidence
Low
5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.066 Low
EPSS
Percentile
93.8%
Related for CVE-2004-0431