[email protected]CVE-2006-1454

HistoryMay 12, 2006 - 8:06 p.m.

CVE-2006-1454

2006-05-1220:06:00

CWE-119

[email protected]

web.nvd.nist.gov

apple

quicktime

cve-2006-1454

buffer overflow

remote attackers

arbitrary code

quickdraw pict

image format

security vulnerability

7.7 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.14 Low

EPSS

Percentile

95.7%

JSON

Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickDraw PICT image format file with malformed image data.

CPENameOperatorVersion
apple:quicktimeapple quicktimeeq7.0.3
apple:quicktimeapple quicktimeeq7.0.4

CPE	Name	Operator	Version
apple:quicktime	apple quicktime	eq	7.0.3
apple:quicktime	apple quicktime	eq	7.0.4

References

lists.apple.com/archives/security-announce/2006/May/msg00002.html

lists.apple.com/archives/security-announce/2006/May/msg00003.html

secunia.com/advisories/20069

secunia.com/advisories/20077

securityreason.com/securityalert/887

securitytracker.com/id?1016067

securitytracker.com/id?1016075

www.securityfocus.com/archive/1/433831/100/0/threaded

www.securityfocus.com/bid/17951

www.securityfocus.com/bid/17953

www.us-cert.gov/cas/techalerts/TA06-132A.html

www.us-cert.gov/cas/techalerts/TA06-132B.html

www.vupen.com/english/advisories/2006/1778

www.vupen.com/english/advisories/2006/1779

exchange.xforce.ibmcloud.com/vulnerabilities/26401

7.7 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.14 Low

EPSS

Percentile

95.7%

JSON

Related for CVE-2006-1454

cvelist1 prion1 securityvulns1 nessus3