CVE-2009-0956

EUVD-2009-0953
Apple QuickTime before 7.6.2 does not properly initialize memory before use in handling movie files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a movie containing a user data atom of size zero.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
Affected Products (NVD)
VendorProductVersion
applequicktime
𝑥
≤ 7.6.1
applequicktime
-
applequicktime
3.0
applequicktime
4.1.2
applequicktime
4.1.2
applequicktime
4.1.2
applequicktime
5.0
applequicktime
5.0.1
applequicktime
5.0.1
applequicktime
5.0.1
applequicktime
5.0.2
applequicktime
5.0.2
applequicktime
5.0.2
applequicktime
6.0
applequicktime
6.0
applequicktime
6.0.0
applequicktime
6.0.0
applequicktime
6.0.0
applequicktime
6.0.1
applequicktime
6.0.1
applequicktime
6.0.1
applequicktime
6.0.2
applequicktime
6.0.2
applequicktime
6.0.2
applequicktime
6.1
applequicktime
6.1.0
applequicktime
6.1.0
applequicktime
6.1.0
applequicktime
6.1.1
applequicktime
6.1.1
applequicktime
6.1.1
applequicktime
6.2.0
applequicktime
6.2.0
applequicktime
6.2.0
applequicktime
6.3.0
applequicktime
6.3.0
applequicktime
6.3.0
applequicktime
6.4.0
applequicktime
6.4.0
applequicktime
6.4.0
applequicktime
6.5
applequicktime
6.5.0
applequicktime
6.5.0
applequicktime
6.5.0
applequicktime
6.5.1
applequicktime
6.5.1
applequicktime
6.5.1
applequicktime
6.5.2
applequicktime
6.5.2
applequicktime
6.5.2
applequicktime
7.0
applequicktime
7.0
applequicktime
7.0
applequicktime
7.0.0
applequicktime
7.0.0
applequicktime
7.0.0
applequicktime
7.0.1
applequicktime
7.0.1
applequicktime
7.0.1
applequicktime
7.0.1
applequicktime
7.0.2
applequicktime
7.0.2
applequicktime
7.0.2
applequicktime
7.0.2
applequicktime
7.0.3
applequicktime
7.0.3
applequicktime
7.0.3
applequicktime
7.0.4
applequicktime
7.0.4
applequicktime
7.0.4
applequicktime
7.1
applequicktime
7.1.0
applequicktime
7.1.0
applequicktime
7.1.0
applequicktime
7.1.1
applequicktime
7.1.1
applequicktime
7.1.1
applequicktime
7.1.2
applequicktime
7.1.2
applequicktime
7.1.2
applequicktime
7.1.3
applequicktime
7.1.3
applequicktime
7.1.3
applequicktime
7.1.4
applequicktime
7.1.4
applequicktime
7.1.4
applequicktime
7.1.5
applequicktime
7.1.5
applequicktime
7.1.5
applequicktime
7.1.6
applequicktime
7.1.6
applequicktime
7.1.6
applequicktime
7.2
applequicktime
7.2
applequicktime
7.2.0
applequicktime
7.2.0
applequicktime
7.2.0
applequicktime
7.2.1
applequicktime
7.2.1
applequicktime
7.2.1
applequicktime
7.3
applequicktime
7.3.0
applequicktime
7.3.0
applequicktime
7.3.0
applequicktime
7.3.1
applequicktime
7.3.1
applequicktime
7.3.1
applequicktime
7.3.1.70
applequicktime
7.4
applequicktime
7.4.0
applequicktime
7.4.0
applequicktime
7.4.0
applequicktime
7.4.1
applequicktime
7.4.1
applequicktime
7.4.1
applequicktime
7.4.4
applequicktime
7.4.5
applequicktime
7.4.5
applequicktime
7.4.5
applequicktime
7.5
applequicktime
7.5.0
applequicktime
7.5.0
applequicktime
7.5.0
applequicktime
7.5.5
applequicktime
7.5.5
applequicktime
7.5.5
applequicktime
7.6.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://lists.apple.com/archives/security-announce/2009/Jun/msg00000.html
http://secunia.com/advisories/35091
http://support.apple.com/kb/HT3591
http://www.securityfocus.com/bid/35162
http://www.securitytracker.com/id?1022314
http://www.vupen.com/english/advisories/2009/1469
https://exchange.xforce.ibmcloud.com/vulnerabilities/50896
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16188
http://lists.apple.com/archives/security-announce/2009/Jun/msg00000.html
http://secunia.com/advisories/35091
http://support.apple.com/kb/HT3591
http://www.securityfocus.com/bid/35162
http://www.securitytracker.com/id?1022314
http://www.vupen.com/english/advisories/2009/1469
https://exchange.xforce.ibmcloud.com/vulnerabilities/50896
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16188