Lucene search

[email protected]CVE-2008-1023

HistoryApr 04, 2008 - 5:44 p.m.

CVE-2008-1023

2008-04-0417:44:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-1023

heap-based buffer overflow

apple quicktime

nvd

security vulnerability

buffer overflow

pict image file

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.031 Low

EPSS

Percentile

91.1%

JSON

Heap-based buffer overflow in Clip opcode parsing in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted PICT image file.

Affected configurations

NVD

Node

applequicktimeRange≤7.4.4

CPENameOperatorVersion
apple:quicktimeapple quicktimele7.4.4

CPE	Name	Operator	Version
apple:quicktime	apple quicktime	le	7.4.4

References

secunia.com/advisories/29650

securitytracker.com/id?1019767

support.apple.com/kb/HT1241

www.securityfocus.com/bid/28583

www.us-cert.gov/cas/techalerts/TA08-094A.html

www.vupen.com/english/advisories/2008/1078

exchange.xforce.ibmcloud.com/vulnerabilities/41615

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.031 Low

EPSS

Percentile

91.1%

JSON

Related for CVE-2008-1023

nvd1 cvelist1 prion1 nessus3 seebug1