Lucene search
HistoryFeb 27, 2014 - 1:55 a.m.
CVE-2014-1250
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.6 High
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
79.4%
Apple QuickTime before 7.7.5 does not properly perform a byte-swapping operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted ttfo element in a movie file.
Affected configurations
Node
applequicktimeRange≤7.7.4
ORapplequicktimeMatch7.0.0
ORapplequicktimeMatch7.0.1
ORapplequicktimeMatch7.0.2
ORapplequicktimeMatch7.0.3
ORapplequicktimeMatch7.0.4
ORapplequicktimeMatch7.1.0
ORapplequicktimeMatch7.1.1
ORapplequicktimeMatch7.1.2
ORapplequicktimeMatch7.1.3
ORapplequicktimeMatch7.1.4
ORapplequicktimeMatch7.1.5
ORapplequicktimeMatch7.1.6
ORapplequicktimeMatch7.2.0
ORapplequicktimeMatch7.2.1
ORapplequicktimeMatch7.3.0
ORapplequicktimeMatch7.3.1
ORapplequicktimeMatch7.3.1.70
ORapplequicktimeMatch7.4.0
ORapplequicktimeMatch7.4.1
ORapplequicktimeMatch7.4.5
ORapplequicktimeMatch7.5.0
ORapplequicktimeMatch7.5.5
ORapplequicktimeMatch7.6.0
ORapplequicktimeMatch7.6.1
ORapplequicktimeMatch7.6.2
ORapplequicktimeMatch7.6.5
ORapplequicktimeMatch7.6.6
ORapplequicktimeMatch7.6.7
ORapplequicktimeMatch7.6.8
ORapplequicktimeMatch7.6.9
ORapplequicktimeMatch7.7.0
ORapplequicktimeMatch7.7.1
ORapplequicktimeMatch7.7.2
ORapplequicktimeMatch7.7.3
ORapplequicktimeMatch7.60.92.0
ORapplequicktimeMatch7.62.14.0
ORapplequicktimeMatch7.64.17.73
ORapplequicktimeMatch7.65.17.80
ORapplequicktimeMatch7.66.71.0
ORapplequicktimeMatch7.67.75.0
ORapplequicktimeMatch7.68.75.0
ORapplequicktimeMatch7.69.80.9
ORapplequicktimeMatch7.70.80.34
ORapplequicktimeMatch7.71.80.42
Related
cve
cve
CVE-2014-1250
2014-02-27 01:55:03
prion
prion
Out-of-bounds
2014-02-27 01:55:00
cvelist
cvelist
CVE-2014-1250
2014-02-27 01:00:00
nessus
nessus
Apple Quicktime 7.7.5 Multiple Vulnerabilities
2014-02-26 00:00:00
Quicktime (for Windows) < 7.7.5 Multiple Vulnerabilities (deprecated)
2014-02-26 00:00:00
QuickTime < 7.7.5 Multiple Vulnerabilities (Windows)
2014-02-26 00:00:00
openvas
openvas
Apple QuickTime Multiple Vulnerabilities (Mar 2014) - Windows
2014-03-04 00:00:00
Apple Mac OS X Multiple Vulnerabilities -04 (Sep 2014)
2014-09-22 00:00:00
kaspersky
kaspersky
KLA10016 Multiple vulnerabilities in Apple QuickTime
2014-02-25 00:00:00
securityvulns
securityvulns
Apple QuickTime multiple security vulnerabilities
2014-02-28 00:00:00
APPLE-SA-2014-02-25-3 QuickTime 7.7.5
2014-02-28 00:00:00
Apple Mac OS X multiple security vulnerabilities
2014-02-28 00:00:00
seebug
seebug
Apple Mac OS X多个安全漏洞(APPLE-SA-2014-02-25-1)
2014-02-26 00:00:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.6 High
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
79.4%
Related for NVD:CVE-2014-1250