Lucene search

[email protected]CVE-2008-3628

HistorySep 11, 2008 - 1:13 a.m.

CVE-2008-3628

2008-09-1101:13:09

CWE-399

[email protected]

web.nvd.nist.gov

cve-2008-3628

apple

quicktime

windows

remote attackers

execute arbitrary code

denial of service

pict image

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

High

0.022 Low

EPSS

Percentile

89.5%

JSON

Apple QuickTime before 7.5.5 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image, related to an “invalid pointer issue.”

Affected configurations

NVD

Node

applequicktimeRange<7.5.5

AND

microsoftwindowsMatch-

CPENameOperatorVersion
apple:quicktimeapple quicktimelt7.5.5

CPE	Name	Operator	Version
apple:quicktime	apple quicktime	lt	7.5.5

References

lists.apple.com/archives/security-announce//2008/Sep/msg00000.html

secunia.com/advisories/31821

securitytracker.com/id?1020841

support.apple.com/kb/HT3027

www.securityfocus.com/bid/31086

www.vupen.com/english/advisories/2008/2527

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15841

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

High

0.022 Low

EPSS

Percentile

89.5%

JSON

Related for CVE-2008-3628

prion1 cvelist1 nvd1 nessus1 openvas2 seebug1