CVE-2010-0529

EUVD-2010-0560
Heap-based buffer overflow in QuickTime.qts in Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PICT image with a BkPixPat opcode (0x12) containing crafted values that are used in a calculation for memory allocation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 86%
Affected Products (NVD)
VendorProductVersion
applequicktime
𝑥
≤ 7.6.0
applequicktime
7.0.0
applequicktime
7.0.1
applequicktime
7.0.2
applequicktime
7.0.3
applequicktime
7.0.4
applequicktime
7.1.0
applequicktime
7.1.1
applequicktime
7.1.2
applequicktime
7.1.3
applequicktime
7.1.4
applequicktime
7.1.5
applequicktime
7.1.6
applequicktime
7.2.0
applequicktime
7.2.1
applequicktime
7.3.0
applequicktime
7.3.1
applequicktime
7.4.0
applequicktime
7.4.1
applequicktime
7.4.5
applequicktime
7.5.0
applequicktime
7.5.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://lists.apple.com/archives/security-announce/2010//Mar/msg00002.html
http://www.securityfocus.com/archive/1/510569/100/0/threaded
http://www.zerodayinitiative.com/advisories/ZDI-10-067
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6780
http://lists.apple.com/archives/security-announce/2010//Mar/msg00002.html
http://www.securityfocus.com/archive/1/510569/100/0/threaded
http://www.zerodayinitiative.com/advisories/ZDI-10-067
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6780