CVE-2009-2798

2009-09-10 23:30:01 2018-10-30 17:25:17

Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Apple Quicktime 7.4.5 for Windows Apple Quicktime 7.4.5 Apple Quicktime 7.4.5 for Mac OS X Apple Quicktime 7.4.4 (not an official CPE) Apple Quicktime 7.4.1 for Windows Apple Quicktime 7.4.1 for Mac OS X Apple Quicktime 7.4.1 Apple Quicktime 7.4.0 for Windows Apple Quicktime 7.4.0 for Mac OS X Apple Quicktime 7.4.0 Apple Quicktime 7.4 Apple Quicktime 7.3.1.70 Apple Quicktime 7.3.1 for Windows Apple Quicktime 7.3.1 for Mac OS X Apple Quicktime 7.3.1 Apple Quicktime 7.3.0 for Windows Apple Quicktime 7.3.0 for Mac OS X Apple Quicktime 7.3.0 Apple Quicktime 7.3 Apple Quicktime 7.2.1 for Windows Apple Quicktime 7.2.1 for Mac OS X Apple Quicktime 7.2.1 Apple Quicktime 7.2.0 for Windows Apple Quicktime 7.2.0 for Mac OS X Apple Quicktime 7.2.0 Apple Quicktime 7.2 Apple Quicktime 7.1.6 for Windows Apple Quicktime 7.1.6 for Mac OS X Apple Quicktime 7.1.6 Apple Quicktime 7.1.5 for Windows Apple Quicktime 7.1.5 for Mac OS X Apple Quicktime 7.1.5 Apple Quicktime 7.1.4 for Windows Apple Quicktime 7.1.4 - Mac (not an official CPE) Apple Quicktime 7.1.4 Apple Quicktime 7.1.3 for Windows Apple Quicktime 7.1.3 Apple Quicktime 7.1.3 for Mac OS X Apple Quicktime 7.1.2 for Windows Apple Quicktime 7.1.2 for Mac OS X Apple Quicktime 7.1.2 Apple Quicktime 7.1.1 for Windows Apple Quicktime 7.1.1 for Mac OS X Apple Quicktime 7.1.1 Apple Quicktime 7.1.0 for Windows Apple Quicktime 7.1.0 for Mac OS X Apple Quicktime 7.1.0 Apple Quicktime 7.1 Apple Quicktime 7.0.4 for Windows Apple Quicktime 7.0.4 for Mac OS X Apple Quicktime 7.0.4 Apple Quicktime 7.0.3 for Windows Apple Quicktime 7.0.3 for Mac OS X Apple Quicktime 7.0.3 Apple Quicktime 7.0.2 Windows Apple Quicktime 7.0.2 for Mac OS X Apple Quicktime 7.0.2 Windows (not an official CPE) Apple Quicktime 7.0.2 Apple Quicktime 7.0.1 Windows Apple Quicktime 7.0.1 for Mac OS X Apple Quicktime 7.0.1 Windows (not an official CPE) Apple Quicktime 7.0.1 Apple Quicktime 7.0.0 for Windows Apple Quicktime 7.0.0 for Mac OS X Apple Quicktime 7.0.0 Apple Quicktime 7.0 - Windows (not an official CPE) Apple Quicktime 7.0 Windows (not an official CPE) Apple Quicktime 7.0 Apple Quicktime 6.5.2 for Windows Apple Quicktime 6.5.2 for Mac OS X Apple Quicktime 6.5.2 Apple Quicktime 6.5.1 for Windows Apple Quicktime 6.5.1 for Mac OS X Apple Quicktime 6.5.1 Apple Quicktime 6.5.0 for Windows Apple Quicktime 6.5.0 Apple Quicktime 6.5.0 for Mac OS X Apple Quicktime 6.5 Apple Quicktime 6.4.0 for Windows Apple Quicktime 6.4.0 Apple Quicktime 6.4.0 for Mac OS X Apple Quicktime 6.3.0 for Windows Apple Quicktime 6.3.0 for Mac OS X Apple Quicktime 6.3.0 Apple Quicktime 6.2.0 for Windows Apple Quicktime 6.2.0 for Mac OS X Apple Quicktime 6.2.0 Apple Quicktime 6.1.1 for Windows Apple Quicktime 6.1.1 for Mac OS X Apple Quicktime 6.1.1 Apple Quicktime 6.1.0 for Windows Apple Quicktime 6.1.0 Apple Quicktime 6.1.0 for Mac OS X Apple Quicktime 6.1 Apple Quicktime 6.0.2 for Windows Apple Quicktime 6.0.2 for Mac OS X Apple Quicktime 6.0.2 Apple Quicktime 6.0.1 for Windows Apple Quicktime 6.0.1 for Mac OS X Apple Quicktime 6.0.1 Apple Quicktime 6.0.0 for Windows Apple Quicktime 6.0.0 for Mac OS X Apple Quicktime 6.0.0 Apple Quicktime 6.0 for Windows Apple Quicktime 6.0 Apple Quicktime 5.0.2 for Windows Apple Quicktime 5.0.2 - Mac (not an official CPE) Apple Quicktime 5.0.2 Apple Quicktime 5.0.1 - Windows (not an official CPE) Apple Quicktime 5.0.1 - Mac (not an official CPE) Apple Quicktime 5.0.1 Apple Quicktime 5.0 Apple Quicktime 4.1.2 - Windows (not an official CPE) Apple Quicktime 4.1.2 - Mac (not an official CPE) Apple Quicktime 4.1.2 Apple Quicktime 3.0 Apple Quicktime - (not an official CPE) Apple Quicktime 7.5 (not an official CPE) Apple Quicktime 7.5.0 Apple Quicktime 7.5.0 for Mac Apple Quicktime 7.5.0 for Windows Apple Quicktime 7.5.5 Apple Quicktime 7.5.5 for Mac Apple Quicktime 7.5.5 for Windows Apple Quicktime 7.6.0 Apple Quicktime 7.6.0 - Mac (not an official CPE) Apple Quicktime 7.6.0 - Windows (not an official CPE) Apple Quicktime 7.6.1 Apple Quicktime 7.6.1 - Mac (not an official CPE) Apple Quicktime 7.6.1 - Windows (not an official CPE) Apple Quicktime 7.6.2

Apple - Quicktime

Advisory	Patch	Confirmed	Link
			ADV-2009-3184
			36328
			http://support.apple.com/kb/HT3937
			APPLE-SA-2009-09-09-2
			http://support.apple.com/kb/HT3859
			APPLE-SA-2009-11-09-1

Improper Restriction of Operations within the Bounds of a Memory Buffer (ID 119)

Related CAPEC 11 Buffer Overflow via Environment Variables (CAPEC-ID 10) Overflow Buffers (CAPEC-ID 100) Client-side Injection-induced Buffer Overflow (CAPEC-ID 14) Filter Failure through Buffer Overflow (CAPEC-ID 24) MIME Conversion (CAPEC-ID 42) Overflow Binary Resource File (CAPEC-ID 44) Buffer Overflow via Symbolic Links (CAPEC-ID 45) Overflow Variables and Tags (CAPEC-ID 46) Buffer Overflow via Parameter Expansion (CAPEC-ID 47) Buffer Overflow in an API Call (CAPEC-ID 8) Buffer Overflow in Local Command-Line Utilities (CAPEC-ID 9)