Medium Published: Jul 07, 2004 Modified: Apr 03, 2025

CVE-2004-0431

5.1 CVSS SCORE

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

Description

Integer overflow in Apple QuickTime (QuickTime.qts) before 6.5.1 allows attackers to execute arbitrary code via a large "number of entries" field in the sample-to-chunk table data for a .mov movie file, which leads to a heap-based buffer overflow.

CVSS Vector Details

Attack Vector Network

Attack Complexity High

Confidentiality P

Integrity P

Availability P

Affected Software Configurations

a apple quicktime * * * * * * * *

Weaknesses (CWE)

NVD-CWE-Other

References & External Links

http://lists.apple.com/mhonarc/security-announce/msg00048.html
http://marc.info/?l=bugtraq&m=108360110618389&w=2
http://marc.info/?l=ntbugtraq&m=108356485013237&w=2
http://www.kb.cert.org/vuls/id/782958
https://exchange.xforce.ibmcloud.com/vulnerabilities/16026
http://lists.apple.com/mhonarc/security-announce/msg00048.html
http://marc.info/?l=bugtraq&m=108360110618389&w=2
http://marc.info/?l=ntbugtraq&m=108356485013237&w=2
http://www.kb.cert.org/vuls/id/782958
https://exchange.xforce.ibmcloud.com/vulnerabilities/16026

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

← Back to CVE Tracker