Lucene search
HistoryFeb 27, 2014 - 1:55 a.m.
CVE-2014-1246
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.6
Confidence
High
EPSS
0.04
Percentile
92.1%
Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ftab atom in a movie file.
Affected configurations
Node
applequicktimeRange≤7.7.4
ORapplequicktimeMatch7.0.0
ORapplequicktimeMatch7.0.1
ORapplequicktimeMatch7.0.2
ORapplequicktimeMatch7.0.3
ORapplequicktimeMatch7.0.4
ORapplequicktimeMatch7.1.0
ORapplequicktimeMatch7.1.1
ORapplequicktimeMatch7.1.2
ORapplequicktimeMatch7.1.3
ORapplequicktimeMatch7.1.4
ORapplequicktimeMatch7.1.5
ORapplequicktimeMatch7.1.6
ORapplequicktimeMatch7.2.0
ORapplequicktimeMatch7.2.1
ORapplequicktimeMatch7.3.0
ORapplequicktimeMatch7.3.1
ORapplequicktimeMatch7.3.1.70
ORapplequicktimeMatch7.4.0
ORapplequicktimeMatch7.4.1
ORapplequicktimeMatch7.4.5
ORapplequicktimeMatch7.5.0
ORapplequicktimeMatch7.5.5
ORapplequicktimeMatch7.6.0
ORapplequicktimeMatch7.6.1
ORapplequicktimeMatch7.6.2
ORapplequicktimeMatch7.6.5
ORapplequicktimeMatch7.6.6
ORapplequicktimeMatch7.6.7
ORapplequicktimeMatch7.6.8
ORapplequicktimeMatch7.6.9
ORapplequicktimeMatch7.7.0
ORapplequicktimeMatch7.7.1
ORapplequicktimeMatch7.7.2
ORapplequicktimeMatch7.7.3
ORapplequicktimeMatch7.60.92.0
ORapplequicktimeMatch7.62.14.0
ORapplequicktimeMatch7.64.17.73
ORapplequicktimeMatch7.65.17.80
ORapplequicktimeMatch7.66.71.0
ORapplequicktimeMatch7.67.75.0
ORapplequicktimeMatch7.68.75.0
ORapplequicktimeMatch7.69.80.9
ORapplequicktimeMatch7.70.80.34
ORapplequicktimeMatch7.71.80.42
| Vendor | Product | Version | CPE |
|---|---|---|---|
| apple | quicktime | * | cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:* |
| apple | quicktime | 7.0.0 | cpe:2.3:a:apple:quicktime:7.0.0:*:*:*:*:*:*:* |
| apple | quicktime | 7.0.1 | cpe:2.3:a:apple:quicktime:7.0.1:*:*:*:*:*:*:* |
| apple | quicktime | 7.0.2 | cpe:2.3:a:apple:quicktime:7.0.2:*:*:*:*:*:*:* |
| apple | quicktime | 7.0.3 | cpe:2.3:a:apple:quicktime:7.0.3:*:*:*:*:*:*:* |
| apple | quicktime | 7.0.4 | cpe:2.3:a:apple:quicktime:7.0.4:*:*:*:*:*:*:* |
| apple | quicktime | 7.1.0 | cpe:2.3:a:apple:quicktime:7.1.0:*:*:*:*:*:*:* |
| apple | quicktime | 7.1.1 | cpe:2.3:a:apple:quicktime:7.1.1:*:*:*:*:*:*:* |
| apple | quicktime | 7.1.2 | cpe:2.3:a:apple:quicktime:7.1.2:*:*:*:*:*:*:* |
| apple | quicktime | 7.1.3 | cpe:2.3:a:apple:quicktime:7.1.3:*:*:*:*:*:*:* |
Related
checkpoint_advisories
checkpoint_advisories
Apple QuickTime ftab Atom Stack Buffer Overflow (CVE-2014-1246)
2014-05-04 00:00:00
zdi
zdi
Apple QuickTime ftab Atom Remote Code Execution Vulnerability
2014-04-03 00:00:00
cve
cve
CVE-2014-1246
2014-02-27 01:55:03
cvelist
cvelist
CVE-2014-1246
2014-02-27 01:00:00
prion
prion
Buffer overflow
2014-02-27 01:55:00
openvas
openvas
Apple QuickTime Multiple Vulnerabilities (Mar 2014) - Windows
2014-03-04 00:00:00
Apple Mac OS X Multiple Vulnerabilities -04 (Sep 2014)
2014-09-22 00:00:00
securityvulns
securityvulns
Apple QuickTime multiple security vulnerabilities
2014-02-28 00:00:00
APPLE-SA-2014-02-25-3 QuickTime 7.7.5
2014-02-28 00:00:00
APPLE-SA-2014-02-25-1 OS X Mavericks 10.9.2 and Security Update 2014-001
2014-02-28 00:00:00
nessus
nessus
QuickTime < 7.7.5 Multiple Vulnerabilities (Windows)
2014-02-26 00:00:00
Mac OS X Multiple Vulnerabilities (Security Update 2014-001) (BEAST)
2014-02-25 00:00:00
Mac OS X 10.9.x < 10.9.2 Multiple Vulnerabilities
2014-02-25 00:00:00
kaspersky
kaspersky
KLA10016 Multiple vulnerabilities in Apple QuickTime
2014-02-25 00:00:00
seebug
seebug
Apple Mac OS X多个安全漏洞(APPLE-SA-2014-02-25-1)
2014-02-26 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.6
Confidence
High
EPSS
0.04
Percentile
92.1%
Related for NVD:CVE-2014-1246