Lucene search

[email protected]CVE-2005-3710

HistoryDec 31, 2005 - 5:00 a.m.

CVE-2005-3710

2005-12-3105:00:00

CWE-189

[email protected]

web.nvd.nist.gov

apple quicktime

integer overflow

cve-2005-3710

remote code execution

tiff

imagewidth tag

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.836 High

EPSS

Percentile

98.5%

JSON

Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a TIFF image file with modified image height and width (ImageWidth) tags.

CPENameOperatorVersion
apple:quicktimeapple quicktimeeq7.0.1
apple:quicktimeapple quicktimeeq7.0
apple:quicktimeapple quicktimeeq7.0.2
apple:quicktimeapple quicktimele7.0.3

CPE	Name	Operator	Version
apple:quicktime	apple quicktime	eq	7.0.1
apple:quicktime	apple quicktime	eq	7.0
apple:quicktime	apple quicktime	eq	7.0.2
apple:quicktime	apple quicktime	le	7.0.3

References

archives.neohapsis.com/archives/fulldisclosure/2006-01/0440.html

docs.info.apple.com/article.html?artnum=303101

secunia.com/advisories/18370

securityreason.com/securityalert/347

securitytracker.com/id?1015465

www.kb.cert.org/vuls/id/150753

www.osvdb.org/22337

www.securityfocus.com/archive/1/421797/100/0/threaded

www.securityfocus.com/bid/16202

www.us-cert.gov/cas/techalerts/TA06-011A.html

www.vupen.com/english/advisories/2006/0128

exchange.xforce.ibmcloud.com/vulnerabilities/24059

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.836 High

EPSS

Percentile

98.5%

JSON

Related for CVE-2005-3710

cvelist1 securityvulns2 cert3 nessus1