Lucene search

K
cveAppleCVE-2010-3795
HistoryNov 16, 2010 - 10:00 p.m.

CVE-2010-3795

2010-11-1622:00:16
CWE-119
apple
web.nvd.nist.gov
38
cve-2010-3795
quicktime
apple
mac os x
remote execution
denial of service
gif
vulnerability

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

9

Confidence

High

EPSS

0.043

Percentile

92.5%

QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of GIF image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file.

Affected configurations

Nvd
Node
applemac_os_xMatch10.6.0
OR
applemac_os_xMatch10.6.1
OR
applemac_os_xMatch10.6.2
OR
applemac_os_xMatch10.6.3
OR
applemac_os_xMatch10.6.4
Node
applemac_os_x_serverMatch10.6.0
OR
applemac_os_x_serverMatch10.6.1
OR
applemac_os_x_serverMatch10.6.2
OR
applemac_os_x_serverMatch10.6.3
OR
applemac_os_x_serverMatch10.6.4
VendorProductVersionCPE
applemac_os_x10.6.3cpe:/o:apple:mac_os_x:10.6.3:::
applemac_os_x10.6.1cpe:/o:apple:mac_os_x:10.6.1:::
applemac_os_x10.6.4cpe:/o:apple:mac_os_x:10.6.4:::
applemac_os_x10.6.2cpe:/o:apple:mac_os_x:10.6.2:::
applemac_os_x10.6.0cpe:/o:apple:mac_os_x:10.6.0:::

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

9

Confidence

High

EPSS

0.043

Percentile

92.5%