Lucene search
HistoryDec 10, 2008 - 6:44 a.m.
CVE-2008-5406
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.8 High
AI Score
Confidence
High
0.045 Low
EPSS
Percentile
92.5%
Stack-based buffer overflow in Apple QuickTime Player 7.5.5 and iTunes 8.0.2.20 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a MOV file with “long arguments,” related to an “off by one overflow.”
Affected configurations
Node
appleitunesMatch8.0.2.20
ORapplequicktimeMatch7.5.5
Related
openvas
openvas
Apple QuickTime Malformed .mov File Buffer Overflow Vulnerability
2008-12-18 00:00:00
Apple QuickTime Malformed .mov File Buffer Overflow Vulnerability
2008-12-18 00:00:00
Apple iTunes Malformed .mov File Buffer Overflow Vulnerability
2008-12-18 00:00:00
prion
prion
Stack overflow
2008-12-10 06:44:00
cve
cve
CVE-2008-5406
2008-12-10 06:44:42
cvelist
cvelist
CVE-2008-5406
2008-12-09 11:00:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.8 High
AI Score
Confidence
High
0.045 Low
EPSS
Percentile
92.5%
Related for NVD:CVE-2008-5406