ID CVE-2006-1462
Summary Multiple integer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime H.264 (M4V) video format file.
References
Vulnerable Configurations
  • cpe:2.3:a:apple:quicktime:7.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:7.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:7.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:7.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:7.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:7.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:7.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:7.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:-:*:*:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:-:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:3:*:*:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:3:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:4.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:4.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:5.0:*:*:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:5.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:5.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:5.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:5.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:5.0.2:-:windows:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:5.0.2:-:windows:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.0:*:*:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.0:-:windows:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.0:-:windows:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.0.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.0.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.0.0:-:windows:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.0.0:-:windows:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.0.1:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.0.1:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.0.1:-:windows:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.0.1:-:windows:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.0.2:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.0.2:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.0.2:-:windows:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.0.2:-:windows:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.1:*:*:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.1.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.1.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.1.0:-:windows:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.1.0:-:windows:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.1.1:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.1.1:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.1.1:-:windows:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.1.1:-:windows:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.2.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.2.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.2.0:-:windows:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.2.0:-:windows:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.3.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.3.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.3.0:-:windows:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.3.0:-:windows:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.4.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.4.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.4.0:-:windows:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.4.0:-:windows:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.5:*:*:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.5:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.5.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.5.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.5.0:-:windows:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.5.0:-:windows:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.5.1:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.5.1:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.5.1:-:windows:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.5.1:-:windows:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.5.2:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.5.2:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:6.5.2:-:windows:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:6.5.2:-:windows:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:7.0.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:7.0.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:7.0.0:-:windows:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:7.0.0:-:windows:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:7.0.1:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:7.0.1:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:7.0.1:-:windows:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:7.0.1:-:windows:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:7.0.2:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:7.0.2:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:7.0.2:-:windows:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:7.0.2:-:windows:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:7.0.3:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:7.0.3:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:7.0.3:-:windows:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:7.0.3:-:windows:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:7.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:7.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:7.0.4:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:7.0.4:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:quicktime:7.0.4:-:windows:*:*:*:*:*
    cpe:2.3:a:apple:quicktime:7.0.4:-:windows:*:*:*:*:*
CVSS
Base: 5.1 (as of 18-10-2018 - 16:32)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:H/Au:N/C:P/I:P/A:P
refmap via4
apple APPLE-SA-2006-05-11
bid 17953
bugtraq 20060512 Apple QuickDraw/QuickTime Multiple Vulnerabilities
cert TA06-132B
sectrack 1016067
secunia 20069
sreason 887
vupen ADV-2006-1778
xf quicktime-h264-overflow(26395)
saint via4
bid 17953
description QuickTime MOV file udta Atom buffer overflow
id misc_quicktime
osvdb 25509
title quicktime_udta_atom
type client
Last major update 18-10-2018 - 16:32
Published 12-05-2006 - 20:06
Last modified 18-10-2018 - 16:32
Back to Top