Lucene search

[email protected]CVE-2005-1248

HistoryMay 16, 2005 - 4:00 a.m.

CVE-2005-1248

2005-05-1604:00:00

[email protected]

web.nvd.nist.gov

apple itunes

buffer overflow

remote code execution

mpeg4 file

cve-2005-1248

security vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

Low

0.037 Low

EPSS

Percentile

91.9%

JSON

Buffer overflow in Apple iTunes before 4.8 allows remote attackers to execute arbitrary code via a crafted MPEG4 file.

Affected configurations

NVD

Node

appleitunesMatch4.2.72

appleitunesMatch4.5

appleitunesMatch4.6

appleitunesMatch4.7

appleitunesMatch4.7.1

CPENameOperatorVersion
apple:itunesapple ituneseq4.2.72
apple:itunesapple ituneseq4.5
apple:itunesapple ituneseq4.6
apple:itunesapple ituneseq4.7
apple:itunesapple ituneseq4.7.1

CPE	Name	Operator	Version
apple:itunes	apple itunes	eq	4.2.72
apple:itunes	apple itunes	eq	4.5
apple:itunes	apple itunes	eq	4.6
apple:itunes	apple itunes	eq	4.7
apple:itunes	apple itunes	eq	4.7.1

References

docs.info.apple.com/article.html?artnum=301596

lists.apple.com/archives/security-announce/2005/May/msg00003.html

secunia.com/advisories/15310

securitytracker.com/id?1013927

www.ngssoftware.com/advisories/itunes.txt

www.osvdb.org/16243

www.securityfocus.com/bid/13565

www.vupen.com/english/advisories/2005/0504

exchange.xforce.ibmcloud.com/vulnerabilities/20498

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17304

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

Low

0.037 Low

EPSS

Percentile

91.9%

JSON

Related for CVE-2005-1248

nvd1 cvelist1 nessus1