Lucene search
HistoryOct 18, 2014 - 1:55 a.m.
CVE-2014-4351
cve-2014-4351
buffer overflow
quicktime
apple
os x
denial of service
remote attackers
arbitrary code
m4a file
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
9.2 High
AI Score
Confidence
High
0.025 Low
EPSS
Percentile
90.2%
Buffer overflow in QuickTime in Apple OS X before 10.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted audio samples in an m4a file.
Affected configurations
Node
applemac_os_xRange≤10.9.5
| CPE | Name | Operator | Version |
|---|---|---|---|
| apple:mac_os_x | apple mac os x | le | 10.9.5 |
Related
cvelist
cvelist
CVE-2014-4351
2014-10-18 01:00:00
nvd
nvd
CVE-2014-4351
2014-10-18 01:55:12
prion
prion
Buffer overflow
2014-10-18 01:55:00
openvas
openvas
Apple QuickTime Multiple Vulnerabilities (HT203092) - Windows
2017-12-14 00:00:00
Apple Mac OS X Security Update (HT203112)
2022-09-02 00:00:00
nessus
nessus
QuickTime < 7.7.6 Multiple Vulnerabilities (Windows)
2014-10-24 00:00:00
Mac OS X < 10.10 Multiple Vulnerabilities (POODLE) (Shellshock)
2014-10-17 00:00:00
securityvulns
securityvulns
Apple Quicktime multiple security vulnerabilities
2014-10-27 00:00:00
APPLE-SA-2014-10-22-1 QuickTime 7.7.6
2014-10-27 00:00:00
APPLE-SA-2014-10-16-1 OS X Yosemite v10.10
2014-10-18 00:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
9.2 High
AI Score
Confidence
High
0.025 Low
EPSS
Percentile
90.2%
Related for CVE-2014-4351