Lucene search

[email protected]CVE-2006-1456

HistoryMay 12, 2006 - 9:02 p.m.

CVE-2006-1456

2006-05-1221:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

buffer overflow

quicktime streaming server

apple

mac os x

remote code execution

rtsp

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.053 Low

EPSS

Percentile

93.0%

JSON

Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted RTSP request, which is not properly handled during message logging.

CPENameOperatorVersion
apple:mac_os_x_serverapple mac os x servereq10.4.6
apple:mac_os_x_serverapple mac os x servereq10.3.9
apple:mac_os_xapple mac os xeq10.4.6
apple:mac_os_xapple mac os xeq10.3.9

CPE	Name	Operator	Version
apple:mac_os_x_server	apple mac os x server	eq	10.4.6
apple:mac_os_x_server	apple mac os x server	eq	10.3.9
apple:mac_os_x	apple mac os x	eq	10.4.6
apple:mac_os_x	apple mac os x	eq	10.3.9

References

lists.apple.com/archives/security-announce/2006/May/msg00003.html

secunia.com/advisories/20077

securitytracker.com/id?1016070

www.osvdb.org/25600

www.securityfocus.com/bid/17951

www.us-cert.gov/cas/techalerts/TA06-132A.html

www.vupen.com/english/advisories/2006/1779

exchange.xforce.ibmcloud.com/vulnerabilities/26424

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.053 Low

EPSS

Percentile

93.0%

JSON

Related for CVE-2006-1456

prion1 nessus1