CVE-2009-2799

EUVD-2009-2789
Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted H.264 movie file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 91%
Affected Products (NVD)
VendorProductVersion
applequicktime
𝑥
≤ 7.6.2
applequicktime
-
applequicktime
3.0
applequicktime
4.1.2
applequicktime
4.1.2
applequicktime
4.1.2
applequicktime
5.0
applequicktime
5.0.1
applequicktime
5.0.1
applequicktime
5.0.1
applequicktime
5.0.2
applequicktime
5.0.2
applequicktime
5.0.2
applequicktime
6.0
applequicktime
6.0
applequicktime
6.0.0
applequicktime
6.0.0
applequicktime
6.0.0
applequicktime
6.0.1
applequicktime
6.0.1
applequicktime
6.0.1
applequicktime
6.0.2
applequicktime
6.0.2
applequicktime
6.0.2
applequicktime
6.1
applequicktime
6.1.0
applequicktime
6.1.0
applequicktime
6.1.0
applequicktime
6.1.1
applequicktime
6.1.1
applequicktime
6.1.1
applequicktime
6.2.0
applequicktime
6.2.0
applequicktime
6.2.0
applequicktime
6.3.0
applequicktime
6.3.0
applequicktime
6.3.0
applequicktime
6.4.0
applequicktime
6.4.0
applequicktime
6.4.0
applequicktime
6.5
applequicktime
6.5.0
applequicktime
6.5.0
applequicktime
6.5.0
applequicktime
6.5.1
applequicktime
6.5.1
applequicktime
6.5.1
applequicktime
6.5.2
applequicktime
6.5.2
applequicktime
6.5.2
applequicktime
7.0
applequicktime
7.0
applequicktime
7.0
applequicktime
7.0.0
applequicktime
7.0.0
applequicktime
7.0.0
applequicktime
7.0.1
applequicktime
7.0.1
applequicktime
7.0.1
applequicktime
7.0.1
applequicktime
7.0.2
applequicktime
7.0.2
applequicktime
7.0.2
applequicktime
7.0.2
applequicktime
7.0.3
applequicktime
7.0.3
applequicktime
7.0.3
applequicktime
7.0.4
applequicktime
7.0.4
applequicktime
7.0.4
applequicktime
7.1
applequicktime
7.1.0
applequicktime
7.1.0
applequicktime
7.1.0
applequicktime
7.1.1
applequicktime
7.1.1
applequicktime
7.1.1
applequicktime
7.1.2
applequicktime
7.1.2
applequicktime
7.1.2
applequicktime
7.1.3
applequicktime
7.1.3
applequicktime
7.1.3
applequicktime
7.1.4
applequicktime
7.1.4
applequicktime
7.1.4
applequicktime
7.1.5
applequicktime
7.1.5
applequicktime
7.1.5
applequicktime
7.1.6
applequicktime
7.1.6
applequicktime
7.1.6
applequicktime
7.2
applequicktime
7.2.0
applequicktime
7.2.0
applequicktime
7.2.0
applequicktime
7.2.1
applequicktime
7.2.1
applequicktime
7.2.1
applequicktime
7.3
applequicktime
7.3.0
applequicktime
7.3.0
applequicktime
7.3.0
applequicktime
7.3.1
applequicktime
7.3.1
applequicktime
7.3.1
applequicktime
7.3.1.70
applequicktime
7.4
applequicktime
7.4.0
applequicktime
7.4.0
applequicktime
7.4.0
applequicktime
7.4.1
applequicktime
7.4.1
applequicktime
7.4.1
applequicktime
7.4.4
applequicktime
7.4.5
applequicktime
7.4.5
applequicktime
7.4.5
applequicktime
7.5
applequicktime
7.5.0
applequicktime
7.5.0
applequicktime
7.5.0
applequicktime
7.5.5
applequicktime
7.5.5
applequicktime
7.5.5
applequicktime
7.6.0
applequicktime
7.6.0
applequicktime
7.6.0
applequicktime
7.6.1
applequicktime
7.6.1
applequicktime
7.6.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
http://lists.apple.com/archives/security-announce/2009/Sep/msg00002.html
http://support.apple.com/kb/HT3859
http://support.apple.com/kb/HT3937
http://www.securityfocus.com/bid/36328
http://www.vupen.com/english/advisories/2009/3184
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6405
http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
http://lists.apple.com/archives/security-announce/2009/Sep/msg00002.html
http://support.apple.com/kb/HT3859
http://support.apple.com/kb/HT3937
http://www.securityfocus.com/bid/36328
http://www.vupen.com/english/advisories/2009/3184
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6405