CVE-2005-2753
Published Nov 5, 2005
Last updated 6 years ago
Overview
- Description
- Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file that causes a sign extension of the length element in a Pascal style string.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5.1
- Impact score
- 6.4
- Exploitability score
- 4.9
- Vector string
- AV:N/AC:H/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-189
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:quicktime:*:*:windows:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F683586B-0172-4F04-870A-DD1A4AA38DD2", "versionEndIncluding": "7.0.2" }, { "criteria": "cpe:2.3:a:apple:quicktime:6.5.2:*:mac_os_x_10.2:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B821AA3F-98E4-4AF2-8E7F-52D5FF8F5000" }, { "criteria": "cpe:2.3:a:apple:quicktime:6.5.2:*:mac_os_x_10.3:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D8239EEC-A7FA-45FC-8AE8-793A1F46B34C" }, { "criteria": "cpe:2.3:a:apple:quicktime:7.0:*:windows:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC1B46A6-E032-4E24-B367-F5A94E770FC5" }, { "criteria": "cpe:2.3:a:apple:quicktime:7.0.1:*:mac_os_x_10.3:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3195F233-6E2E-47CD-A882-4F01BECC40FE" }, { "criteria": "cpe:2.3:a:apple:quicktime:7.0.1:*:mac_os_x_10.4:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CCD74F99-E8DD-4DF6-91AF-5AA443DB1921" }, { "criteria": "cpe:2.3:a:apple:quicktime:7.0.1:*:windows:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E0B99DA-3BDA-4848-85BB-EC0D002A73F2" } ], "operator": "OR" } ] } ]