Lucene search
HistoryFeb 27, 2014 - 1:55 a.m.
CVE-2014-1243
apple
quicktime
cve-2014-1243
remote attackers
arbitrary code
denial of service
crafted track list
movie file
nvd
7.5 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.03 Low
EPSS
Percentile
90.9%
Apple QuickTime before 7.7.5 does not initialize an unspecified pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted track list in a movie file.
References
Related
zdi
zdi
Apple QuickTime nam Atom Parsing Remote Code Execution Vulnerability
2014-04-03 00:00:00
prion
prion
Design/Logic Flaw
2014-02-27 01:55:00
seebug
seebug
Apple QuickTimeθΏη¨ε
εη ΄εζΌζ΄
2014-02-28 00:00:00
nessus
nessus
Quicktime (for Windows) < 7.7.5 Multiple Vulnerabilities (deprecated)
2014-02-26 00:00:00
QuickTime < 7.7.5 Multiple Vulnerabilities (Windows)
2014-02-26 00:00:00
openvas
openvas
Apple QuickTime Multiple Vulnerabilities (Mar 2014) - Windows
2014-03-04 00:00:00
kaspersky
kaspersky
KLA10016 Multiple vulnerabilities in Apple QuickTime
2014-02-25 00:00:00
securityvulns
securityvulns
APPLE-SA-2014-02-25-3 QuickTime 7.7.5
2014-02-28 00:00:00
Apple QuickTime multiple security vulnerabilities
2014-02-28 00:00:00
7.5 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.03 Low
EPSS
Percentile
90.9%
Related for CVE-2014-1243