Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2009-0188 (GCVE-0-2009-0188)
Vulnerability from cvelistv5 – Published: 2009-06-02 18:00 – Updated: 2024-08-07 04:24
VLAI?
EPSS
Summary
Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie composed of a Sorenson 3 video file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:18.074Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "35091",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35091"
},
{
"name": "35159",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35159"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3591"
},
{
"name": "1022314",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022314"
},
{
"name": "20090602 Secunia Research: QuickTime Sorenson Video 3 Content Parsing Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/504007/100/0/threaded"
},
{
"name": "ADV-2009-1469",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1469"
},
{
"name": "quicktime-sorensonvideo-code-execution(50886)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50886"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2009-10/"
},
{
"name": "oval:org.mitre.oval:def:16085",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16085"
},
{
"name": "APPLE-SA-2009-06-01-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00000.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-06-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie composed of a Sorenson 3 video file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "35091",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35091"
},
{
"name": "35159",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35159"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3591"
},
{
"name": "1022314",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022314"
},
{
"name": "20090602 Secunia Research: QuickTime Sorenson Video 3 Content Parsing Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/504007/100/0/threaded"
},
{
"name": "ADV-2009-1469",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1469"
},
{
"name": "quicktime-sorensonvideo-code-execution(50886)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50886"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2009-10/"
},
{
"name": "oval:org.mitre.oval:def:16085",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16085"
},
{
"name": "APPLE-SA-2009-06-01-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00000.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2009-0188",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie composed of a Sorenson 3 video file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35091",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35091"
},
{
"name": "35159",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35159"
},
{
"name": "http://support.apple.com/kb/HT3591",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3591"
},
{
"name": "1022314",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022314"
},
{
"name": "20090602 Secunia Research: QuickTime Sorenson Video 3 Content Parsing Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/504007/100/0/threaded"
},
{
"name": "ADV-2009-1469",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1469"
},
{
"name": "quicktime-sorensonvideo-code-execution(50886)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50886"
},
{
"name": "http://secunia.com/secunia_research/2009-10/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2009-10/"
},
{
"name": "oval:org.mitre.oval:def:16085",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16085"
},
{
"name": "APPLE-SA-2009-06-01-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00000.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2009-0188",
"datePublished": "2009-06-02T18:00:00.000Z",
"dateReserved": "2009-01-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T04:24:18.074Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2009-0188
Vulnerability from fkie_nvd - Published: 2009-06-02 18:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie composed of a Sorenson 3 video file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D23D725-2D79-4E21-9273-30D8753B8E53",
"versionEndIncluding": "7.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EE08FAE-0862-4C36-95BC-878B04CBF397",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D8F310A8-F760-4059-987D-42369F360DE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F71BC599-FCBE-4F1F-AA24-41AF91F82226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:4.1.2:-:mac:*:*:*:*:*",
"matchCriteriaId": "ACE0F153-80B3-4469-AE49-4B7517218574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:4.1.2:-:windows:*:*:*:*:*",
"matchCriteriaId": "03C15EB0-1D29-4DBE-B2C0-FE9365E8D624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "41473E1D-B988-4312-B16B-D340508DD473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FCC2EBC0-F2A6-4709-9A27-CF63BC578744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:5.0.1:-:mac:*:*:*:*:*",
"matchCriteriaId": "53527707-E903-4A12-AB87-6EC5FA9F2EC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:5.0.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "EE3EAE38-9DE6-450D-BCD0-70E590C1F76E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "844E1B14-A13A-47F1-9C82-02EAEED1A911",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:5.0.2:-:mac:*:*:*:*:*",
"matchCriteriaId": "A91242F5-485E-4125-A19C-4C20B602DD5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:5.0.2:-:windows:*:*:*:*:*",
"matchCriteriaId": "63D7214C-FAF6-4DCA-8520-8A539BDCD98A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "80747BDD-70E9-4E74-896F-C79D014F1B2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "0D02D35D-E957-4949-B5DA-F3654B13A308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4A4C6772-CD24-46FD-AEBE-BF8BB16B5BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.0.0:-:mac:*:*:*:*:*",
"matchCriteriaId": "8399665C-F8A8-4133-A0CD-E767F8266E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.0.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "FC48F2B6-4BC7-4B57-ADE2-4907287A1AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "85ADED98-62C6-4961-894C-1D26E3B3EE5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.0.1:-:mac:*:*:*:*:*",
"matchCriteriaId": "F7B48C74-28CC-4348-9CF9-9AF58C7A5E72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.0.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "6469AEDC-6F9D-4CAC-84B2-F13107626FB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F522CEA4-B3BB-4C94-B070-6679EEA43439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.0.2:-:mac:*:*:*:*:*",
"matchCriteriaId": "904FA4B7-A6CB-48B4-B887-4B349479D1A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.0.2:-:windows:*:*:*:*:*",
"matchCriteriaId": "CB2DFC1B-6452-4575-A099-2E5FD387A8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA1E140B-BCB4-4B3C-B287-E9E944E08DB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B630944-F838-4C02-90D4-F5EB2A073CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.1.0:-:mac:*:*:*:*:*",
"matchCriteriaId": "B2FC05FE-5A85-4D78-BAAF-FFCC2CC4CAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.1.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "01A24DD9-5AB8-4091-A293-1A2D7953D455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9066C81B-A69F-450D-8606-5E29AF1AD286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.1.1:-:mac:*:*:*:*:*",
"matchCriteriaId": "BB113931-F886-425C-A0F8-171F6D71A02F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.1.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "D282FA67-0089-4ED5-8168-E3CE8B510BBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "71285AD2-3966-4817-B630-8335BE985D56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.2.0:-:mac:*:*:*:*:*",
"matchCriteriaId": "0A2B95BD-A728-4EE7-A4C9-E1547C34E8E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.2.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "2B5928A2-C989-4B27-91E1-7019277B2E1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2458480E-F222-452A-AB21-933F924F8F6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.3.0:-:mac:*:*:*:*:*",
"matchCriteriaId": "05AA3258-E556-4443-AF79-96882A9CF33C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.3.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "51292C8C-4905-4C30-B166-ACCE39D9DEE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30C83A78-6BB9-443E-B508-CC6F8D157A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.4.0:-:mac:*:*:*:*:*",
"matchCriteriaId": "546B9E74-E86B-462B-A58E-017E3B780B63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.4.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "3433487A-98ED-4C28-8659-609BF395E23A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9C7CB5C4-9A5A-4831-8FFD-0D261619A7DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61463F4F-BBE0-42AA-AC22-8F39E94EB520",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.5.0:-:mac:*:*:*:*:*",
"matchCriteriaId": "579E49C1-2F66-4CCB-AAE4-6C15089C2D1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.5.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "335F4D89-983A-4C05-937A-EEE802A260D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D2CE0B67-0794-472D-A2C0-CC5CA0E36370",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.5.1:-:mac:*:*:*:*:*",
"matchCriteriaId": "49477EAA-5AA2-4B55-8BEF-AB3E118DE618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.5.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "7F189FAB-3BA1-4C1B-975F-E174D5CB8771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3A5DDF47-5AA5-4EE3-B12D-9218F528EFE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.5.2:-:mac:*:*:*:*:*",
"matchCriteriaId": "19AAC0DE-53D7-42E4-90D2-939C5DF6F651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:6.5.2:-:windows:*:*:*:*:*",
"matchCriteriaId": "F7A30674-38BA-49B8-9DE0-4C9FB5A62DA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F075BA0F-4A96-4F25-AF1D-C64C7DCE1CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0:*:windows:*:*:*:*:*",
"matchCriteriaId": "BC1B46A6-E032-4E24-B367-F5A94E770FC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "284BAF97-86BC-4520-BAB6-D75D18FFA1DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F43E39C4-6A08-4C38-BC7D-573F40978527",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.0:-:mac:*:*:*:*:*",
"matchCriteriaId": "04F44BB3-5221-4D8A-ABC3-C51EC76A5B2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "3F4075B0-0F9F-466B-8521-2156849247C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8692B488-129A-49EA-AF84-6077FCDBB898",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "6E0B99DA-3BDA-4848-85BB-EC0D002A73F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.1:-:mac:*:*:*:*:*",
"matchCriteriaId": "E1B24679-4C63-4320-A79F-E19CCFA537D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "DF2A6BCB-108E-4226-BC31-6E0057DFB6D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1758610B-3789-489E-A751-386D605E5A08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.2:*:windows:*:*:*:*:*",
"matchCriteriaId": "5EDE46EA-5B6A-4B59-8BAA-CD803F6D5FD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.2:-:mac:*:*:*:*:*",
"matchCriteriaId": "D0D28529-2A0A-4398-98C2-C35BABB9373A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.2:-:windows:*:*:*:*:*",
"matchCriteriaId": "F8BF6A6A-F734-4395-9305-2E9F52EE888F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B535737C-BF32-471C-B26A-588632FCC427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.3:-:mac:*:*:*:*:*",
"matchCriteriaId": "402BBD8E-4960-43C0-8D46-6F20BBA6BF2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.3:-:windows:*:*:*:*:*",
"matchCriteriaId": "AFCB45F3-397E-42A8-8D08-ECF667939FF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DF2C61F8-B376-40F9-8677-CADCC3295915",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.4:-:mac:*:*:*:*:*",
"matchCriteriaId": "BDBD1E93-C675-4248-ACE6-C49DBE7B3E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.0.4:-:windows:*:*:*:*:*",
"matchCriteriaId": "D5C04F70-E2E6-48F4-948D-9D0C7B2A2F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6254BB56-5A25-49DC-A851-3CCA249BD71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0E0EA8-2947-44F9-BCFA-F4CFA34E9EFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.0:-:mac:*:*:*:*:*",
"matchCriteriaId": "EA16CB14-D053-4CDB-B80A-8AC9D17FACAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "E1DB3FBD-40F4-41FB-A939-3E3A4D0D85B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "795E3354-7824-4EF4-A788-3CFEB75734E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.1:-:mac:*:*:*:*:*",
"matchCriteriaId": "60500521-46FC-4734-901C-0A5E5D3DB9EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "F45B47BB-E14F-4437-8828-EF059496BF95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9419A1E9-A0DA-4846-8959-BE50B53736E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.2:-:mac:*:*:*:*:*",
"matchCriteriaId": "682C7A59-6F3C-4E50-A145-D081614CD42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.2:-:windows:*:*:*:*:*",
"matchCriteriaId": "9B353211-F90E-4F38-9D0B-B8C7EC00E66F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "952A8015-B18B-481C-AC17-60F0D7EEE085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.3:-:mac:*:*:*:*:*",
"matchCriteriaId": "D69BB04E-E696-4B34-95DE-B42F46697F9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.3:-:windows:*:*:*:*:*",
"matchCriteriaId": "F6A44CA9-D257-4BB7-B5AB-23193F35FCB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3E518B27-A79B-43A4-AFA6-E59EF8E944D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.4:-:mac:*:*:*:*:*",
"matchCriteriaId": "C0638BF3-4B18-4747-AD33-D04B3B4E217F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.4:-:windows:*:*:*:*:*",
"matchCriteriaId": "9B8F4241-551B-492D-8602-06146B05CF13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AEC6EF36-93B3-49BB-9A6F-1990E3F4170E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.5:-:mac:*:*:*:*:*",
"matchCriteriaId": "CF370413-96F7-4882-899F-577A8F3DAD47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.5:-:windows:*:*:*:*:*",
"matchCriteriaId": "2BA9C6F7-513B-426F-90AD-7E826433CEF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1A1B5F2F-CDBF-4AEF-9F78-0C010664B9E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.6:-:mac:*:*:*:*:*",
"matchCriteriaId": "2D9ECCF0-1CF4-4201-8002-EFF6C5331DB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.6:-:windows:*:*:*:*:*",
"matchCriteriaId": "5B709D68-8474-4AAE-AA11-777EF510E1AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "98C9B657-5484-4458-861E-D6FB5019265A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.2:*:vista:*:*:*:*:*",
"matchCriteriaId": "6F1AC0EA-202C-47F8-8104-C10A5BBEDF1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B84D320E-ACA2-4B6E-B682-00202B9ADF2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.2.0:-:mac:*:*:*:*:*",
"matchCriteriaId": "B2706818-E87A-4BF7-AC10-CFA28ABE4B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.2.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "4DCEE583-6CD2-4098-9A2A-B006A5023318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "81E0F160-4B70-45CD-B8AC-AB30ADDB8D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.2.1:-:mac:*:*:*:*:*",
"matchCriteriaId": "268B4FBA-D6AC-4595-898A-721E284F3399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.2.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "52AD56F9-0CE6-4949-9853-3274A2C81601",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1EF20D38-BFA3-4403-AB24-7B74EFD68229",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97FEBA83-C845-4334-9B9A-921BA0F44DE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.3.0:-:mac:*:*:*:*:*",
"matchCriteriaId": "DA476E79-5145-4EE3-BD81-3773C6B19825",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.3.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "555B1A2A-95F5-4B06-8774-FF952BEC2FBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B2CE2A89-B2FC-413D-A059-526E6DE301BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.3.1:-:mac:*:*:*:*:*",
"matchCriteriaId": "1BB8C8C6-2751-4704-B999-FBF5BC2FDA74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.3.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "CEA210F5-71F6-4528-B2B4-507AA4A435EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.3.1.70:*:*:*:*:*:*:*",
"matchCriteriaId": "7F9F7DCE-EE65-4CD5-AA21-208B2AAF09EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "31662D02-7FA9-4FAD-BE49-194B7295CEE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C835F2-4F9E-45A6-8112-C2D8CB1A39AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.4.0:-:mac:*:*:*:*:*",
"matchCriteriaId": "D0E4F2DB-1C1A-4440-8D1B-C18F41E2603C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.4.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "081712FF-C6B8-423B-8F20-C79D25DE782F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8461AF0A-D4D3-4010-A881-EDBB95003083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.4.1:-:mac:*:*:*:*:*",
"matchCriteriaId": "D7B3A3F0-EE97-49B6-A92A-D5D2D7171913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.4.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "CF045B49-11A3-447A-9D05-1E8794980A81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E1332A-5B4D-4590-BFA5-4557C71F894B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5C8E5C77-573F-4EA3-A59C-4A7B11946E93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.4.5:-:mac:*:*:*:*:*",
"matchCriteriaId": "428DCE6C-B2EC-4BFF-BA65-DB14F1CC964F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.4.5:-:windows:*:*:*:*:*",
"matchCriteriaId": "939BE521-A385-4A1A-B4B0-C4687751D4A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0DC01580-460A-4DC3-BB6D-A9B2254EF6D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8C6E08BF-737E-4512-9BB8-5B4B03A2F8B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.5.0:-:mac:*:*:*:*:*",
"matchCriteriaId": "2AC5D3A0-A7BB-4C0F-94FF-8ED54FB62A51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.5.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "304CFC80-E925-4CB8-8251-0FD0F09B8410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D22D0674-0EC7-4176-97FB-940F2F7D6AFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.5.5:-:mac:*:*:*:*:*",
"matchCriteriaId": "4DDB8D28-183F-4B16-8610-592A210311E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.5.5:-:windows:*:*:*:*:*",
"matchCriteriaId": "DFD95CD9-E387-4EC8-B6EA-FBC6961E4C8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:quicktime:7.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A6470EC-B72B-404C-9E69-03C3FEFD56F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie composed of a Sorenson 3 video file."
},
{
"lang": "es",
"value": "Apple QuickTime anterior a v7.6.2 permite a atacantes remotos ejecutar c\u00f3digo de forma arbitraria o producir una denegaci\u00f3n de servicio (corrupci\u00f3n de la memoria o ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un una pel\u00edcula manipulada compuesta de un fichero de v\u00eddeo de Sorenson 3."
}
],
"id": "CVE-2009-0188",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-06-02T18:30:00.203",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00000.html"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35091"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2009-10/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT3591"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/archive/1/504007/100/0/threaded"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/bid/35159"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securitytracker.com/id?1022314"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1469"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50886"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16085"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35091"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2009-10/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT3591"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/504007/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/35159"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022314"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50886"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16085"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-XP4C-5VW7-4HVV
Vulnerability from github – Published: 2022-05-02 03:13 – Updated: 2025-04-09 04:10
VLAI?
Details
Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie composed of a Sorenson 3 video file.
{
"affected": [],
"aliases": [
"CVE-2009-0188"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2009-06-02T18:30:00Z",
"severity": "HIGH"
},
"details": "Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie composed of a Sorenson 3 video file.",
"id": "GHSA-xp4c-5vw7-4hvv",
"modified": "2025-04-09T04:10:19Z",
"published": "2022-05-02T03:13:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0188"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50886"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16085"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00000.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/35091"
},
{
"type": "WEB",
"url": "http://secunia.com/secunia_research/2009-10"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT3591"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/504007/100/0/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/35159"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id?1022314"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2009/1469"
}
],
"schema_version": "1.4.0",
"severity": []
}
GSD-2009-0188
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie composed of a Sorenson 3 video file.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2009-0188",
"description": "Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie composed of a Sorenson 3 video file.",
"id": "GSD-2009-0188"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2009-0188"
],
"details": "Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie composed of a Sorenson 3 video file.",
"id": "GSD-2009-0188",
"modified": "2023-12-13T01:19:44.905101Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2009-0188",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie composed of a Sorenson 3 video file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35091",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35091"
},
{
"name": "35159",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35159"
},
{
"name": "http://support.apple.com/kb/HT3591",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3591"
},
{
"name": "1022314",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022314"
},
{
"name": "20090602 Secunia Research: QuickTime Sorenson Video 3 Content Parsing Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/504007/100/0/threaded"
},
{
"name": "ADV-2009-1469",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1469"
},
{
"name": "quicktime-sorensonvideo-code-execution(50886)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50886"
},
{
"name": "http://secunia.com/secunia_research/2009-10/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2009-10/"
},
{
"name": "oval:org.mitre.oval:def:16085",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16085"
},
{
"name": "APPLE-SA-2009-06-01-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00000.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:5.0.1:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:4.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.0.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.0.1:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.0.2:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.1.1:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.1.1:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.5.1:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.1:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.2:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:5.0.1:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:4.1.2:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.0.1:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:5.0.2:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.0.2:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.4.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.4.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.2.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.2.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.5.2:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.5.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.3:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.2:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.5:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:5.0.2:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.3.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.5.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.5.1:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.1:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.3:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.3:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.4:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.4:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.3:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.2:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.5:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.2.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.2.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.3.1:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.5.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:4.1.2:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:5.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.0.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:5.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.1.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.1.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.3.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:6.5.2:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.1:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.2:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.2:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.4:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.1:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.1:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.6:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.3.1:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.4.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.5.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.5.5:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.6.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.4:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.2.1:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.3.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.3.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.4.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.4.1:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.5.5:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.4.5:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.6:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.2:*:vista:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.2.1:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.3.1.70:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.4.1:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.4.5:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:quicktime:7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2009-0188"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie composed of a Sorenson 3 video file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.apple.com/kb/HT3591",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT3591"
},
{
"name": "APPLE-SA-2009-06-01-1",
"refsource": "APPLE",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00000.html"
},
{
"name": "35159",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/35159"
},
{
"name": "ADV-2009-1469",
"refsource": "VUPEN",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1469"
},
{
"name": "http://secunia.com/secunia_research/2009-10/",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2009-10/"
},
{
"name": "35091",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35091"
},
{
"name": "1022314",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id?1022314"
},
{
"name": "quicktime-sorensonvideo-code-execution(50886)",
"refsource": "XF",
"tags": [],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50886"
},
{
"name": "oval:org.mitre.oval:def:16085",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16085"
},
{
"name": "20090602 Secunia Research: QuickTime Sorenson Video 3 Content Parsing Vulnerability",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/504007/100/0/threaded"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": true
}
},
"lastModifiedDate": "2018-10-30T16:25Z",
"publishedDate": "2009-06-02T18:30Z"
}
}
}
CERTA-2009-AVI-206
Vulnerability from certfr_avis - Published: 2009-06-03 - Updated: 2009-06-03
Plusieurs vulnérabilités ont été identifiées dans le lecteur multimédia Apple QuickTime. L'exploitation de celles-ci permet à une personne malveillante de perturber le service, voire d'exécuter du code arbitraire sur le système vulnérable.
Description
Plusieurs vulnérabilités ont été identifiées dans le lecteur multimédia Apple QuickTime. Ce dernier ne manipulerait pas correctement certains formats de fichiers, comme les données vidéo de type Sorenson 3, les fichiers compressés par FLI/FLC, les images compressées par PSD ou aux formats PICT et JP2.
L'exploitation de ces vulnérabilités peut être réalisée avec des fichiers spécialement construits puis insérés dans des pages Web. Cela permet à une personne malveillante, à distance, de perturber le service, voire d'exécuter du code arbitraire sur le système vulnérable.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
- Apple QuickTime pour les versions antérieures à 7.6.2.
Les systèmes d'exploitation peuvent être indifféremment Apple Mac OS X ou Microsoft Windows.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cUL\u003e \u003cLI\u003eApple QuickTime pour les versions ant\u00e9rieures \u00e0 7.6.2.\u003c/LI\u003e \u003c/UL\u003e \u003cP\u003eLes syst\u00e8mes d\u0027exploitation peuvent \u00eatre indiff\u00e9remment Apple Mac OS X ou Microsoft Windows.\u003c/P\u003e",
"content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le lecteur multim\u00e9dia\nApple QuickTime. Ce dernier ne manipulerait pas correctement certains\nformats de fichiers, comme les donn\u00e9es vid\u00e9o de type Sorenson 3, les\nfichiers compress\u00e9s par FLI/FLC, les images compress\u00e9es par PSD ou aux\nformats PICT et JP2.\n\nL\u0027exploitation de ces vuln\u00e9rabilit\u00e9s peut \u00eatre r\u00e9alis\u00e9e avec des\nfichiers sp\u00e9cialement construits puis ins\u00e9r\u00e9s dans des pages Web. Cela\npermet \u00e0 une personne malveillante, \u00e0 distance, de perturber le service,\nvoire d\u0027ex\u00e9cuter du code arbitraire sur le syst\u00e8me vuln\u00e9rable.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2009-0954",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0954"
},
{
"name": "CVE-2009-0010",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0010"
},
{
"name": "CVE-2009-0957",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0957"
},
{
"name": "CVE-2009-0951",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0951"
},
{
"name": "CVE-2009-0955",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0955"
},
{
"name": "CVE-2009-0185",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0185"
},
{
"name": "CVE-2009-0188",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0188"
},
{
"name": "CVE-2009-0952",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0952"
},
{
"name": "CVE-2009-0956",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0956"
},
{
"name": "CVE-2009-0953",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0953"
}
],
"initial_release_date": "2009-06-03T00:00:00",
"last_revision_date": "2009-06-03T00:00:00",
"links": [
{
"title": "Note de s\u00e9curit\u00e9 Apple HT3591 du 01 juin 2009\u00a0:",
"url": "http://support.apple.com/kb/HT3591"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Apple 106704 du 01 juin 2009 :",
"url": "http://docs.info.apple.com/article.html?artnum=106704"
},
{
"title": "Note de s\u00e9curit\u00e9 Apple HT3520 du 01 juin 2009\u00a0:",
"url": "http://support.apple.com/kb/HT3520"
}
],
"reference": "CERTA-2009-AVI-206",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2009-06-03T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le lecteur multim\u00e9dia\nApple QuickTime. L\u0027exploitation de celles-ci permet \u00e0 une personne\nmalveillante de perturber le service, voire d\u0027ex\u00e9cuter du code\narbitraire sur le syst\u00e8me vuln\u00e9rable.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple QuickTime",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT3591 du 01 juin 2009",
"url": null
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…