Lucene search

[email protected]CVE-2006-1463

HistoryMay 12, 2006 - 8:06 p.m.

CVE-2006-1463

2006-05-1220:06:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2006-1463

apple quicktime

buffer overflow

remote code execution

h.264

m4v

video format

vulnerability

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.128 Low

EPSS

Percentile

95.5%

JSON

Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a H.264 (M4V) video format file with a certain modified size value.

Affected configurations

NVD

Node

applequicktimeMatch7.0.3

applequicktimeMatch7.0.4

CPENameOperatorVersion
apple:quicktimeapple quicktimeeq7.0.3
apple:quicktimeapple quicktimeeq7.0.4

CPE	Name	Operator	Version
apple:quicktime	apple quicktime	eq	7.0.3
apple:quicktime	apple quicktime	eq	7.0.4

References

lists.apple.com/archives/security-announce/2006/May/msg00002.html

secunia.com/advisories/20069

securityreason.com/securityalert/888

securitytracker.com/id?1016067

www.securityfocus.com/archive/1/433828/100/0/threaded

www.securityfocus.com/bid/17953

www.us-cert.gov/cas/techalerts/TA06-132B.html

www.vupen.com/english/advisories/2006/1778

www.zerodayinitiative.com/advisories/ZDI-06-015.html

exchange.xforce.ibmcloud.com/vulnerabilities/26396

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.128 Low

EPSS

Percentile

95.5%

JSON

Related for CVE-2006-1463

prion1 nvd1 cvelist1 securityvulns1 zdi1 nessus2