9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.971 High
EPSS
Percentile
99.8%
Versions of QuickTime earlier than 7.6.8 are potentially affected by multiple vulnerabilities :
An input validation issue in the QTPlugin.ocx ActiveX control could allow an attacker to force the application to jump to a location in memory controlled by the attacker through the optional ‘_Marshaled_pUnk’ parameter and in turn to execute remote code under the context of the user running the web browser. (CVE-2010-1818)
Binary data 801185.prm
archives.neohapsis.com/archives/bugtraq/2010-08/0373.html
.reversemode.com/index.php?option=com_content&task=view&id=69&Itemid=1
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1818
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1819
lists.apple.com/archives/security-announce/2010/sep/msg00003.html
support.apple.com/kb/HT4339
zerodayinitiative.com/advisories/ZDI-10-168