Lucene search

[email protected]CVE-2008-3625

HistorySep 11, 2008 - 1:13 a.m.

CVE-2008-3625

2008-09-1101:13:00

CWE-119

[email protected]

web.nvd.nist.gov

cve

buffer overflow

apple

quicktime

security vulnerability

remote attack

denial of service

7.9 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.436 Medium

EPSS

Percentile

97.4%

JSON

Stack-based buffer overflow in Apple QuickTime before 7.5.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a QuickTime Virtual Reality (QTVR) movie file with crafted (1) maxTilt, (2) minFieldOfView, and (3) maxFieldOfView elements in panorama track PDAT atoms.

CPENameOperatorVersion
apple:quicktimeapple quicktimelt7.5.5

CPE	Name	Operator	Version
apple:quicktime	apple quicktime	lt	7.5.5

References

lists.apple.com/archives/security-announce//2008/Sep/msg00000.html

secunia.com/advisories/31821

securitytracker.com/id?1020841

support.apple.com/kb/HT3027

www.securityfocus.com/archive/1/496161/100/0/threaded

www.securityfocus.com/bid/31086

www.vupen.com/english/advisories/2008/2527

www.zerodayinitiative.com/advisories/ZDI-08-058/

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15935

7.9 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.436 Medium

EPSS

Percentile

97.4%

JSON

Related for CVE-2008-3625

checkpoint_advisories1 securityvulns2 cvelist1 prion1 zdi1 nessus3 seebug1 openvas2