CVE-2007-0588
7.6 High
AI Score
Confidence
Low
7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
0.796 High
EPSS
Percentile
98.2%
The InternalUnpackBits function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT file that triggers memory corruption in the _GetSrcBits32ARGB function. NOTE: this issue might overlap CVE-2007-0462.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apple:quicktime | apple quicktime | eq | 7.1.3 |
| apple:mac_os_x | apple mac os x | eq | 10.4.8 |
References
docs.info.apple.com/article.html?artnum=305214
lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
secunia.com/advisories/24479
security-protocols.com/sp-x43-advisory.php
www.kb.cert.org/vuls/id/396820
www.osvdb.org/33365
www.securityfocus.com/bid/22228
www.securitytracker.com/id?1017760
www.us-cert.gov/cas/techalerts/TA07-072A.html
www.vupen.com/english/advisories/2007/0930
Related
7.6 High
AI Score
Confidence
Low
7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
0.796 High
EPSS
Percentile
98.2%