CVE-2010-0529
Published Mar 31, 2010
Last updated 6 years ago
Overview
- Description
- Heap-based buffer overflow in QuickTime.qts in Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PICT image with a BkPixPat opcode (0x12) containing crafted values that are used in a calculation for memory allocation.
- Source
- product-security@apple.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-119
Evaluator
- Comment
- -
- Impact
- Per: http://lists.apple.com/archives/security-announce/2010//Mar/msg00002.html 'This issue does not affect Mac OS X systems.'
- Solution
- Per: http://lists.apple.com/archives/security-announce/2010//Mar/msg00002.html 'This issue does not affect Mac OS X systems.'
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:quicktime:*:-:windows:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B27C0810-E6C3-44D9-8EA1-BBCF0C681F71",
"versionEndIncluding": "7.6.0"
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.0:-:windows:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3F4075B0-0F9F-466B-8521-2156849247C2"
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.1:-:windows:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DF2A6BCB-108E-4226-BC31-6E0057DFB6D2"
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.2:-:windows:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F8BF6A6A-F734-4395-9305-2E9F52EE888F"
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.3:-:windows:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AFCB45F3-397E-42A8-8D08-ECF667939FF8"
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.4:-:windows:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D5C04F70-E2E6-48F4-948D-9D0C7B2A2F3D"
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.0:-:windows:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E1DB3FBD-40F4-41FB-A939-3E3A4D0D85B2"
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.1:-:windows:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F45B47BB-E14F-4437-8828-EF059496BF95"
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.2:-:windows:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9B353211-F90E-4F38-9D0B-B8C7EC00E66F"
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.3:-:windows:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F6A44CA9-D257-4BB7-B5AB-23193F35FCB5"
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.4:-:windows:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9B8F4241-551B-492D-8602-06146B05CF13"
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.5:-:windows:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2BA9C6F7-513B-426F-90AD-7E826433CEF1"
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.6:-:windows:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5B709D68-8474-4AAE-AA11-777EF510E1AC"
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.2.0:-:windows:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4DCEE583-6CD2-4098-9A2A-B006A5023318"
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.2.1:-:windows:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "52AD56F9-0CE6-4949-9853-3274A2C81601"
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.3.0:-:windows:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "555B1A2A-95F5-4B06-8774-FF952BEC2FBB"
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.3.1:-:windows:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CEA210F5-71F6-4528-B2B4-507AA4A435EB"
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.4.0:-:windows:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "081712FF-C6B8-423B-8F20-C79D25DE782F"
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.4.1:-:windows:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CF045B49-11A3-447A-9D05-1E8794980A81"
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.4.5:-:windows:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "939BE521-A385-4A1A-B4B0-C4687751D4A5"
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.5.0:-:windows:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "304CFC80-E925-4CB8-8251-0FD0F09B8410"
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.5.5:-:windows:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DFD95CD9-E387-4EC8-B6EA-FBC6961E4C8F"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]