PRIOn knowledge basePRION:CVE-2009-2798

HistorySep 10, 2009 - 9:30 p.m.

Heap overflow

2009-09-1021:30:00

PRIOn knowledge base

www.prio-n.com

8.4 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.628 Medium

EPSS

Percentile

97.7%

JSON

Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file.

CPENameOperatorVersion
quicktimeeq7.1.5 windows
quicktimeeq7.3.1
quicktimeeq7.5.5 mac
quicktimeeq7.4.0 windows
quicktimeeq6.5.1
quicktimeeq5.0.2 windows
quicktimeeq6.1.0
quicktimeeq6.1.1 windows
quicktimeeq6.5.2 mac
quicktimeeq6.0.1

Name	Operator	Version
quicktime	eq	7.1.5 windows
quicktime	eq	7.3.1
quicktime	eq	7.5.5 mac
quicktime	eq	7.4.0 windows
quicktime	eq	6.5.1
quicktime	eq	5.0.2 windows
quicktime	eq	6.1.0
quicktime	eq	6.1.1 windows
quicktime	eq	6.5.2 mac
quicktime	eq	6.0.1

Rows per page:

1-10 of 1301

References

lists.apple.com/archives/security-announce/2009/Nov/msg00000.html

lists.apple.com/archives/security-announce/2009/Sep/msg00002.html

support.apple.com/kb/HT3859

support.apple.com/kb/HT3937

www.securityfocus.com/bid/36328

www.vupen.com/english/advisories/2009/3184

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6258

8.4 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.628 Medium

EPSS

Percentile

97.7%

JSON

Related for PRION:CVE-2009-2798