CVE-2010-0529

Published Mar 31, 2010

Last updated 6 years ago

CVSS info 9.3

Overview

Description: Heap-based buffer overflow in QuickTime.qts in Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PICT image with a BkPixPat opcode (0x12) containing crafted values that are used in a calculation for memory allocation.
Source: product-security@apple.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 9.3
Impact score: 10
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Evaluator

Comment: -
Impact: Per: http://lists.apple.com/archives/security-announce/2010//Mar/msg00002.html 'This issue does not affect Mac OS X systems.'
Solution: Per: http://lists.apple.com/archives/security-announce/2010//Mar/msg00002.html 'This issue does not affect Mac OS X systems.'

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:apple:quicktime:*:-:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B27C0810-E6C3-44D9-8EA1-BBCF0C681F71",
            "versionEndIncluding": "7.6.0"
          },
          {
            "criteria": "cpe:2.3:a:apple:quicktime:7.0.0:-:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3F4075B0-0F9F-466B-8521-2156849247C2"
          },
          {
            "criteria": "cpe:2.3:a:apple:quicktime:7.0.1:-:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DF2A6BCB-108E-4226-BC31-6E0057DFB6D2"
          },
          {
            "criteria": "cpe:2.3:a:apple:quicktime:7.0.2:-:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F8BF6A6A-F734-4395-9305-2E9F52EE888F"
          },
          {
            "criteria": "cpe:2.3:a:apple:quicktime:7.0.3:-:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AFCB45F3-397E-42A8-8D08-ECF667939FF8"
          },
          {
            "criteria": "cpe:2.3:a:apple:quicktime:7.0.4:-:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D5C04F70-E2E6-48F4-948D-9D0C7B2A2F3D"
          },
          {
            "criteria": "cpe:2.3:a:apple:quicktime:7.1.0:-:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1DB3FBD-40F4-41FB-A939-3E3A4D0D85B2"
          },
          {
            "criteria": "cpe:2.3:a:apple:quicktime:7.1.1:-:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F45B47BB-E14F-4437-8828-EF059496BF95"
          },
          {
            "criteria": "cpe:2.3:a:apple:quicktime:7.1.2:-:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B353211-F90E-4F38-9D0B-B8C7EC00E66F"
          },
          {
            "criteria": "cpe:2.3:a:apple:quicktime:7.1.3:-:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F6A44CA9-D257-4BB7-B5AB-23193F35FCB5"
          },
          {
            "criteria": "cpe:2.3:a:apple:quicktime:7.1.4:-:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B8F4241-551B-492D-8602-06146B05CF13"
          },
          {
            "criteria": "cpe:2.3:a:apple:quicktime:7.1.5:-:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2BA9C6F7-513B-426F-90AD-7E826433CEF1"
          },
          {
            "criteria": "cpe:2.3:a:apple:quicktime:7.1.6:-:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B709D68-8474-4AAE-AA11-777EF510E1AC"
          },
          {
            "criteria": "cpe:2.3:a:apple:quicktime:7.2.0:-:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4DCEE583-6CD2-4098-9A2A-B006A5023318"
          },
          {
            "criteria": "cpe:2.3:a:apple:quicktime:7.2.1:-:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "52AD56F9-0CE6-4949-9853-3274A2C81601"
          },
          {
            "criteria": "cpe:2.3:a:apple:quicktime:7.3.0:-:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "555B1A2A-95F5-4B06-8774-FF952BEC2FBB"
          },
          {
            "criteria": "cpe:2.3:a:apple:quicktime:7.3.1:-:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CEA210F5-71F6-4528-B2B4-507AA4A435EB"
          },
          {
            "criteria": "cpe:2.3:a:apple:quicktime:7.4.0:-:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "081712FF-C6B8-423B-8F20-C79D25DE782F"
          },
          {
            "criteria": "cpe:2.3:a:apple:quicktime:7.4.1:-:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CF045B49-11A3-447A-9D05-1E8794980A81"
          },
          {
            "criteria": "cpe:2.3:a:apple:quicktime:7.4.5:-:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "939BE521-A385-4A1A-B4B0-C4687751D4A5"
          },
          {
            "criteria": "cpe:2.3:a:apple:quicktime:7.5.0:-:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "304CFC80-E925-4CB8-8251-0FD0F09B8410"
          },
          {
            "criteria": "cpe:2.3:a:apple:quicktime:7.5.5:-:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DFD95CD9-E387-4EC8-B6EA-FBC6961E4C8F"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Evaluator

Configurations

References